From: Daniel Chemko <dchemko@smgtec.com>
To: "Rio Martin." <rio@martin.mu>
Cc: netfilter@lists.netfilter.org
Subject: Re: SNAT
Date: Sun, 06 Apr 2003 14:49:18 -0700 [thread overview]
Message-ID: <3E90A0DE.5020807@smgtec.com> (raw)
In-Reply-To: <00f101c2fc2a$91158d90$6401a8c0@server>
Rio Martin. wrote:
>Okay,
>I add another interface so that make looks like this:
>eth0 = 64.1.1.1
>eth0:1 = 192.168.1.1
>eth1 = 64.1.1.2
>
>also add iptables command:
># /sbin/iptables -t nat -A POSTROUTING -p tcp -s 192.168.1.0/24 --dport
>6667 -j SNAT --to 64.1.1.2
>
>but still doesnt work, all users from 192.168.1.0/24 still irc using
>64.1.1.1
>need help.
>
>Regards,
>Rio Martin.
>
>
>
>----- Original Message -----
>From: "Daniel Chemko" <dchemko@smgtec.com>
>To: "Rio Martin." <rio@martin.mu>; <netfilter@lists.netfilter.org>
>Sent: Friday, April 04, 2003 1:34 AM
>Subject: RE: SNAT
>
>
>1. You are using aliases, which IPTables does not use. Please use look
>into IPRoute2 on the net on how to setup proper IPRoute2 bindings.
>
>2. Add an SNAT rule on the postrouting -o <internet_iface> pointing to
>64.1.1.2
>
>-----Original Message-----
>From: Rio Martin. [mailto:rio@martin.mu]
>Sent: Thursday, April 03, 2003 2:29 AM
>To: netfilter@lists.netfilter.org
>Subject: SNAT
>
>Dear folks,
>I need help to modify the source ip for every irc connection coming from
>my
>clients.
>
>Eg:
>
>eth0 = 64.1.1.1
>eth0:1 = 64.1.1.2
>eth0:2 = 192.168.1.1
>
>
>My clients is in 192.168.1.0/24. Right now all connection to irc server
>is
>using ip 64.1.1.1
>I want to modify, so all irc connection is using 64.1.1.2
>
>Thanks for helping me ...
>
>Regards,
>Rio Martin.
>
>
>
>
>
>
>
>
>
*slaps his own head* of course it does! Keep that rule in, but you have
to mangle the packet route. If you have the ROUTE jump target, you can
use that to explicitly use that to accomplish what you desire, making
sure to apply your above rule to the outgoing interface, so just adding
-o eth1 to your previously described rule.
Unfortunately, I have never personally used the ROUTE target so I am not
sure the syntax. I think it would be something like:
iptables -t nat -A PREROUTING -p tcp --source 192.168.1.0/24 --dport
6667 -j ROUTE --iface eth1
iptables -t nat -A POSTROUTING -o eth1 -p tcp --source 192.168.1.0/24
--dport 6667 -j SNAT --to 64.1.1.2
You might need Patch-O-Matic to get the ROUTE option.
next prev parent reply other threads:[~2003-04-06 21:49 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-04-03 18:34 SNAT Daniel Chemko
2003-04-06 10:52 ` SNAT Rio Martin.
2003-04-06 21:49 ` Daniel Chemko [this message]
-- strict thread matches above, loose matches on Subject: below --
2012-02-22 2:04 SNAT cc
2012-02-22 7:47 ` SNAT SamLT
2007-10-09 18:47 SNAT Chad Eldridge
2007-10-09 19:47 ` SNAT Grant Taylor
2005-05-02 15:32 snat Marco Berizzi
2005-05-02 15:53 ` snat Jason Opperisano
2005-05-03 13:58 ` snat Marco Berizzi
2005-05-02 16:07 ` snat Taylor, Grant
2005-05-02 16:14 ` snat Jason Opperisano
2005-05-02 2:52 ` snat Ken Hilliard
2005-05-02 18:04 ` snat Charlie Brady
2005-05-02 18:06 ` snat Jason Opperisano
2005-05-02 3:14 ` snat Ken Hilliard
2004-07-09 3:57 SNAT Payal Rathod
2004-07-09 4:58 ` SNAT John A. Sullivan III
2003-07-08 0:21 SNAT David Busby
2003-04-25 17:45 SNAT Andy Wood
[not found] <20030403102302.5858.91445.Mailman@kashyyyk>
2003-04-03 10:29 ` SNAT Rio Martin.
2002-11-13 11:21 SNAT Rob Sterenborg
2002-11-13 13:26 ` SNAT Breno Cardoso Perucchi
2002-11-13 13:48 ` SNAT Rob Sterenborg
2002-11-13 16:33 ` SNAT Luis Fernando Barrera
2002-11-12 18:38 MS Messenger Aaron Clausen
2002-11-12 19:53 ` SNAT Breno Cardoso Perucchi
2002-11-12 21:01 ` SNAT Rob Sterenborg
2002-11-12 21:29 ` SNAT Antony Stone
2002-11-12 21:47 ` SNAT Luis Fernando Barrera
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3E90A0DE.5020807@smgtec.com \
--to=dchemko@smgtec.com \
--cc=netfilter@lists.netfilter.org \
--cc=rio@martin.mu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.