3 outside networks

All of lore.kernel.org
 help / color / mirror / Atom feed

* 3 outside networks
@ 2002-06-17 14:34 Srinath Mantripragada
  2002-06-17 18:13 ` Antony Stone
  0 siblings, 1 reply; 3+ messages in thread
From: Srinath Mantripragada @ 2002-06-17 14:34 UTC (permalink / raw)
  To: netfilter

Hi,

I need some help with iptables and SNAT.

I have one inside net 172.16.0.0/24  and 3 outside nets  10.28.0.0/16 ,
   172.18.0.0/24 and Internet.
The 3 nets are routed by one router that i do not have control.

I have valid internet Addresses and i want to use NAT with one of them
but not for 10.28 and 172.18 networks.

i tried this:

iptables -t nat -I POSTROUTING -o eth1 -d ! 10.28.0.0/16 -j SNAT --to
MY.VALID.ADDR
iptables -t nat -I POSTROUTING -o eth1 -d ! 172.18.0.0/24 -j SNAT
--to MY.VALID.ADDR

I guess that i need something like :   "-d  ! 10.28.0.0/16  OR ! 
172.18.0.0./24"
but i dont  know how  to do that.

Can someone helpme ?

Thanks

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: 3 outside networks
  2002-06-17 14:34 3 outside networks Srinath Mantripragada
@ 2002-06-17 18:13 ` Antony Stone
  2002-06-17 18:22   ` Antony Stone
  0 siblings, 1 reply; 3+ messages in thread
From: Antony Stone @ 2002-06-17 18:13 UTC (permalink / raw)
  To: netfilter

On Monday 17 June 2002 3:34 pm, Srinath Mantripragada wrote:

> I have one inside net 172.16.0.0/24  and 3 outside nets  10.28.0.0/16 ,
>    172.18.0.0/24 and Internet.
> The 3 nets are routed by one router that i do not have control.
>
> I have valid internet Addresses and i want to use NAT with one of them
> but not for 10.28 and 172.18 networks.
>
> I guess that i need something like :   "-d  ! 10.28.0.0/16  OR !
> 172.18.0.0./24"
> but i dont  know how  to do that.

Try this:

iptables -A POSTROUTING -t nat -d 10.28.0.0/16 -j ACCEPT
iptables -A POSTROUTING -t nat -d 172.18.0.0/24 -j ACCEPT
iptables -A POSTROUTING -t nat -j SNAT --to a.b.c.d

 

Antony.


^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: 3 outside networks
  2002-06-17 18:13 ` Antony Stone
@ 2002-06-17 18:22   ` Antony Stone
  0 siblings, 0 replies; 3+ messages in thread
From: Antony Stone @ 2002-06-17 18:22 UTC (permalink / raw)
  To: netfilter

On Monday 17 June 2002 7:13 pm, Antony Stone wrote:

> On Monday 17 June 2002 3:34 pm, Srinath Mantripragada wrote:
> > I have one inside net 172.16.0.0/24  and 3 outside nets  10.28.0.0/16 ,
> >    172.18.0.0/24 and Internet.
> > The 3 nets are routed by one router that i do not have control.
> >
> > I have valid internet Addresses and i want to use NAT with one of them
> > but not for 10.28 and 172.18 networks.
> >
> > I guess that i need something like :   "-d  ! 10.28.0.0/16  OR !
> > 172.18.0.0./24"
> > but i dont  know how  to do that.
>
> Try this:
>
> iptables -A POSTROUTING -t nat -d 10.28.0.0/16 -j ACCEPT
> iptables -A POSTROUTING -t nat -d 172.18.0.0/24 -j ACCEPT
> iptables -A POSTROUTING -t nat -j SNAT --to a.b.c.d

Ooops !   That last one should inlcude the interface name too:

iptables -A POSTROUTING -t nat -o eth1 -j SNAT --to a.b.c.d

 

Antony.


^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2002-06-17 18:22 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-06-17 14:34 3 outside networks Srinath Mantripragada
2002-06-17 18:13 ` Antony Stone
2002-06-17 18:22   ` Antony Stone

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.