particular DNAT

All of lore.kernel.org
 help / color / mirror / Atom feed

* particular DNAT
@ 2005-09-06 21:06 famleone
  0 siblings, 0 replies; 2+ messages in thread
From: famleone @ 2005-09-06 21:06 UTC (permalink / raw)
  To: netfilter

Hi,

I have a firewall netfilter + iptables and the configurations is:

       adsl---------------------____ ---------------------dmz ----web
                                  |        |
                                  | FW  
|                                                       
                                  |____|

hdsl---------------------         ----------------------- lan

and for 
the server web i have a DNAT from hdsl on dmz

   iptables -t nat -A 
PREROUTING -p tcp -d ip.public.hdsl --dport 80 -j DNAT --to $serverweb:
80

but now I need a DNAT similar for the adsl

   iptables -t nat -A 
PREROUTING -p tcp -d ip.public.adsl --dport 80 -j DNAT --to $serverweb:
80

for the same server web, but now the response from server web go 
out from the hdsl line (the defualt gw) and it dont work.

In other 
word I want to forward the connection to the server web with 2 ip 
public: ip.public.adsl and ip.public.hdsl but the response pass only 
from the hdsl line. What can i do to distinguish the 2 different ip 
public to determine the correct gw ?

For me the ipt_ROUTE  is part of 
the solutions of my problem!

cfh

^ permalink raw reply	[flat|nested] 2+ messages in thread

* particular DNAT
@ 2005-09-06 20:55 luca
  0 siblings, 0 replies; 2+ messages in thread
From: luca @ 2005-09-06 20:55 UTC (permalink / raw)
  To: netfilter

Hi,

I have a firewall netfilter + iptables and the configurations is:

        adsl---------------------      ----------------------dmz ----web
                            eth2|     |eth1                    
                                     FW
                            eth3|     |eth0
        hdsl---------------------      ----------------------- lan

and for the server web i have a DNAT from hdsl on dmz

    iptables -t nat -A PREROUTING -p tcp -d ip.public.hdsl --dport 80 -j 
DNAT --to $serverweb:80

but now I need a DNAT similar for the adsl

    iptables -t nat -A PREROUTING -p tcp -d ip.public.adsl --dport 80 -j 
DNAT --to $serverweb:80

for the same server web, but now the response from server web go out 
from the hdsl line (the defualt gw) and it dont work.

In other word I want to forward the connection to the server web with 2 
ip public: ip.public.adsl and ip.public.hdsl but the response pass only 
from the hdsl line. What can i do to distinguish the 2 different ip 
public to determine the correct gw ?

For me the ipt_ROUTE  is part of the solutions of my problem!

CFH

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2005-09-06 21:06 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-09-06 21:06 particular DNAT famleone
  -- strict thread matches above, loose matches on Subject: below --
2005-09-06 20:55 luca

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.