All of lore.kernel.org
 help / color / mirror / Atom feed
From: "Jörg Harmuth" <harmuth@mnemon.de>
To: netfilter@lists.netfilter.org
Subject: Re: forwarding internet connection
Date: Wed, 02 Mar 2005 13:34:58 +0100	[thread overview]
Message-ID: <4225B2F2.1020303@mnemon.de> (raw)
In-Reply-To: <00c501c51f13$4aab30e0$0b01a8c0@dap.edu.ph>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
Hi,

as far as I unstand your posting, you want to forward traffic based on
the source IP of the client. So, some clients should use ISP1 and some
ISP2. You could write per client:

## Rewriting destination address
iptables -t nat -A PREROUTING -s $IP_OF_CLIENT -j DNAT --to $IP_ISP2

## Allow forwarding of connections
iptables -A FORWARD -s $IP_OF_CLIENT -d $IP_ISP2 -m state \
- --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -d $IP_OF_CLIENT -s $IP_ISP2 -m state \
- --state ESTABLISHED,RELATED -j ACCEPT

## Maybe you need SNATing. If so:
iptables -t nat -A POSTROUTING -s $IP_OF_CLIENT -d $IP_ISP2 -j SNAT
- --to-source $IP_ISP1

May be, you can additionally add interface or protocol specifications
or the like. I don't know, because your exact network layout is unknown.

A very good tutorial on iptables is here:

http://iptables-tutorial.frozentux.net/chunkyhtml/index.html

Have a nice time,

Jörg

elg3ne schrieb:

| Hi guys...Im new to iptables please help me with my problem...
|
| How do I forward incoming traffic to a diffent machine? example is
| that I have 2 ISP 1 is primary & the other 1 is backup only... Now
| I want to utilize the backup ISP because it is not being used...
|
| I dont want to make changes per PC to PC just to change their
| gateway or proxy to use the backup ISP...
|
| How do I forward the incoming request to my primary ISP to 2nd ISP?
|
|
| For example client has 192.168.1.11 IP and I want the IP to use the
| 2nd ISP instead the 1st ISP..
|
| Btw Im using squid to access the internet for my client.
|
| Sorry if my explanation is not good...but I hope someone could help
| me...
|


- --
- -----------------------------------------------------------------------
mnemon
Jörg Harmuth
Marie-Curie.Str. 1
53359 Rheinbach

Tel.: (+49) 22 26  87 18 12
Fax:  (+49) 22 26 87 18 19
mail: harmuth@mnemon.de
Web:  http://www.mnemon.de
PGP-Key: http://www.mnemon.de/keys/harmuth_mnemon.asc
PGP-Fingerprint: 692E 4476 0838 60F8 99E2  7F5D B7D7 E48E 267B 204F
- -----------------------------------------------------------------------
Diese Mail wurde vor dem Versenden auf Viren und andere schädliche
Software untersucht. Es wurde keine maliziöse Software gefunden.

This Mail was checked for virusses and other malicious software before
sending. No malicious software was detected.
- -----------------------------------------------------------------------

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
 
iD8DBQFCJbLyt9fkjiZ7IE8RAlYQAKCXvDV8MfHDaIH6GJa1jay56A+t2ACdFZ7w
MlbrDGj7qFY14xeWA+ULBB4=
=+e3D
-----END PGP SIGNATURE-----




      parent reply	other threads:[~2005-03-02 12:34 UTC|newest]

Thread overview: 18+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-01-25 18:54 use of the limiting options Tib
2005-01-25 19:08 ` Tib
2005-01-25 19:28   ` Tib
     [not found]     ` <294d5daa0501251137328fa4ff@mail.gmail.com>
     [not found]       ` <Pine.LNX.4.53.0501251340370.24829@altaica>
2005-01-25 19:51         ` Mark Moseley
2005-01-25 19:56           ` Tib
2005-01-25 20:17             ` Mark Moseley
2005-01-25 20:22               ` Tib
2005-01-26  7:58                 ` Tib
2005-01-26 18:43                   ` Mark Moseley
2005-01-28 21:32                     ` Tib
     [not found]                     ` <7096989.1107132520756.JavaMail.rct@kale>
2005-01-31 19:00                       ` Bob Tellefson
2005-01-26 16:17 ` Jason Opperisano
2005-01-28 21:29   ` Tib
2005-01-31  3:44 ` Josh Nerius
2005-01-31  5:52   ` R. DuFresne
2005-03-02 10:33   ` forwarding internet connection elg3ne
2005-03-02 10:41     ` Essien Ita Essien
2005-03-02 12:34     ` Jörg Harmuth [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4225B2F2.1020303@mnemon.de \
    --to=harmuth@mnemon.de \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.