From: Damien Mason <kinetic@suse.net.au>
To: netfilter@lists.netfilter.org
Subject: VLANs and DNAT
Date: Fri, 25 Jul 2003 09:40:02 +1000 [thread overview]
Message-ID: <3F206E52.2090307@suse.net.au> (raw)
Hi Everyone,
I have two interfaces, eth1 and eth2
I have multiple vlans on a eth1, that is, eth1.1 and eth1.2, eth1.3
Eth2 is the external interface to the internet.
Vlan1 uses the following network address: 192.168.50.0/24
Vlan2 uses the following network address: 192.168.50.0/24 also
Vlan3 uses the following network address: 192.168.10.0/24
I have NAT working for the vlans, that is, clients are able to access
the external internet using nat.
However, there are servers on Vlan2 which I would like to forward
traffic to from the external interface, I would imagine that I could do
something like:
iptables -A PREROUTING -t nat -p tcp -d 203.221.181.27 --dport 80 -j
DNAT --to 192.168.50.10:80
But I cannot specify an interface -i eth1.2 in the prerouting, because
it occurs pre-routing?
How can I forward traffic to a host on a vlan when the vlans don't
use unique addressing schemes?.. I was thinking I may have to -j
REDIRECT the traffic to another chain, and forward it from there?
Any Ideas or solutions would be most appreciated :)
Thanks in advance,
Damien Mason
--
Best Regards,
Damien Mason
SuSE Systems Specialist
SuSE Linux Asia-Pacific
2-6 Waltham Street
Artarmon, NSW 2064, Australia
Telephone: (612) 943 943 94 ext 246
Facsimile: (612) 9437 3839
Email: kinetic@suse.net.au
<mailto:kinetic@suse.net.au?subject=Reply%20Email>
Web: http://www.suse.net.au./
next reply other threads:[~2003-07-24 23:40 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-07-24 23:40 Damien Mason [this message]
2003-07-25 10:17 ` VLANs and DNAT Chris Wilson
2003-07-25 13:40 ` Ramin Dousti
2003-07-25 13:54 ` Chris Wilson
2003-07-26 16:07 ` Damien Mason
-- strict thread matches above, loose matches on Subject: below --
2003-07-24 6:53 Damien Mason
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3F206E52.2090307@suse.net.au \
--to=kinetic@suse.net.au \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.