From mboxrd@z Thu Jan  1 00:00:00 1970
From: "Shroads, Jay" <js@ziniandassociates.com>
Date: Mon, 17 Jun 2002 13:18:11 +0000
Subject: RE: [LARTC] ADVANCED ROUTING USING IPROUTE2 -> Multiple Firewalls
MIME-Version: 1
Content-Type: multipart/mixed; boundary="----_=_NextPart_001_01C21601.6E37E350"
Message-Id: <marc-lartc-102431998413971@msgid-missing>
List-Id: <lartc.vger.kernel.org>
References: <marc-lartc-102397943817504@msgid-missing>
In-Reply-To: <marc-lartc-102397943817504@msgid-missing>
To: lartc@vger.kernel.org

This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

------_=_NextPart_001_01C21601.6E37E350
Content-Type: text/plain;
	charset="iso-8859-1"

All-

Same identical problem...However,the kernel did boot, and despite many
complaints about missing symbols, it is running and working as advertised.  

Regards,
Jay Shroads

-----Original Message-----
From: Roni Reicher [mailto:roni@varosoft.com.br]
Sent: Saturday, June 15, 2002 12:53 PM
To: William L. Thomson Jr.; lartc@mailman.ds9a.nl
Subject: RES: [LARTC] ADVANCED ROUTING USING IPROUTE2 -> Multiple
Firewalls


Hi William. Thanks a lot for your help.

Im having some trouble recompiling my kernel after a installed the
patch.

Im running RH 7.3 with kernel 2.4.18-3.

The patch I installed is routes-2.4.16-6.diff. I got no errors
installing it.

I added the multipath support, and recompiled it.

The make dep and the make bzImage went fine.

I got error during the make modules.

These are the errors:

Output.c: in function 'cipe_xmit'
Output.c:175 too few arguments to function 'ip_route_output'
Make[3]: *** [output.o] error 1
Make[3]: leaving directory '/usr/src/linux-2.4.18-3/drivers/addon/cipe'
Make[2]: *** [_modsubdir_cipe] error 2
Make[2]: leaving directory '/usr/src/linux-2.4.18-3/drivers/addon'
Make[1]: *** [_modsubdir_addon] error 2
Make[1]: leaving directory '/usr/src/linux-2.4.18-3/drivers
Make: *** [_mod_drivers] error 2

After I got that error, a formatted and reinstalled redhat 7.3. Then I
used the newer patch (routes-2.4.19-8.diff), and I got error installing,
and of course I couldn't recompile it.

I formatted again to see if I were doing something wrong recompiling.
But this time I didn't patch and recompile it. I got no errors...

Any ideas? Am I using the wrong patch?

Thanks a lot,

Ron


-----Mensagem original-----
De: William L. Thomson Jr. [mailto:support@obsidian-studios.com] 
Enviada em: quinta-feira, 13 de junho de 2002 14:43
Para: lartc@mailman.ds9a.nl
Assunto: Re: [LARTC] ADVANCED ROUTING USING IPROUTE2 -> Multiple
Firewalls

You will need to recompile your kernel with multpath support. Also
before you compile apply Julian's patches to the kernel.

http://www.linuxvirtualserver.org/~julian/#routes

Once that is done check out the Nano-HOWTO

http://www.linuxvirtualserver.org/~julian/nano.txt

That should get you on your way. The linux router will also have to
perform NAT, more than likely DNAT, for things to work properly.

On Thu, 2002-06-13 at 07:43, Roni Reicher wrote:
> Hi guys. I really need some help.
> 
>  
> 
> This is my scenario:
> 
>  
> 
>  
> 
>  
> 
> CLIENTS -> SWITCH -> W2K Server -> Linux -> Internet (with 2 ADSL
LINES)
> 
>  
> 
>  
> 
> My RedHat Linux 7.2 is just a firewall. Im running all the services
> (www, mail, etc.) on my W2K.
> 
>  
> 
> I tried to set up a load balance, but im getting the following
problem.
> 
>  
> 
> When I connect from the internet through my IP1 (ADSL 1) on any port
> that I redirect to W2K, I can connect perfectly to my W2K, but when I
> connect using my IP2 (ADSL2) I cant get to W2K.
> 
>  
> 
> And vice versa.
> 
>  
> 
> With the telnet server, which is running on the linux, I can connect
> using both IP's. 
> 
>  
> 
> I guess the problem is when the W2K uses the other gw.
> 
>  
> 
> My W2K default gw is the linux.
> 
>  
> 
> This is my setup:
> 
>  
> 
>  
> 
> W2K IP   -> 10.0.0.1 
> 
> W2K IP2 -> 192.168.1.2
> 
>  
> 
> Linux eth0       -> xxx.xxx.xxx.170 (ADSL1)
> 
> Linux eth0 gw ->  xxx.xxx.xxx.129
> 
>  
> 
> Linux eth1       -> 192.168.1.1
> 
>  
> 
> Linux eth2       -> yyy.yyy.yyy.205 (ADSL2)
> 
> Linux eth2 gw  -> yyy.yyy.yyy.193
> 
>  
> 
>  
> 
> IPTABLES (just the basic).
> 
>  
> 
> $IPTABLES -A INPUT -i lo       -j ACCEPT
> 
> $IPTABLES -A INPUT -p icmp -j ACCEPT
> 
>  
> 
> $IPTABLES -A FORWARD -o eth0 -j ACCEPT
> 
> $IPTABLES -A FORWARD -o eth2 -j ACCEPT
> 
>  
> 
> ##################### SMTP SERVER #################
> 
>  $IPTABLES -t nat -A PREROUTING -p tcp -d xxx.xxx.xxx.170 --dport 25
> -j DNAT --to-destination 192.168.1.2
> 
>  $IPTABLES -t nat -A PREROUTING -p tcp -d yyy.yyy.yyy.205  --dport 25
> -j DNAT --to-destination 192.168.1.2
> 
> ##################### HTTP SERVER ##################
> 
>  $IPTABLES -t nat -A PREROUTING -p tcp -d xxx.xxx.xxx.170 --dport 80
> -j DNAT --to-destination 192.168.1.2
> 
>  $IPTABLES -t nat -A PREROUTING -p tcp -d yyy.yyy.yyy.205 --dport 80
> -j DNAT --to-destination 192.168.1.2
> 
>  
> 
>  $IPTABLES -t nat -A POSTROUTING -s 192.168.1.0/24 -j MASQUERADE
> 
>  $IPTABLES -t nat -A POSTROUTING -s 10.0.0.0/24    -j MASQUERADE
> 
>  $IPTABLES -t nat -A POSTROUTING -o eth0           -j MASQUERADE
> 
>  $IPTABLES -t nat -A POSTROUTING -o eth2           -j MASQUERADE
> 
>  
> 
>  
> 
>  
> 
> And this is my load balancing script:
> 
>  
> 
>  
> 
> #### Variables ######
> 
>  
> 
> IP=/sbin/ip
> 
>  
> 
> IF1=eth0
> 
> IP1=xxx.xxx.xxx.170
> 
> P1=xxx.xxx.xxx.129
> 
> P1_NET=xxx.xxx.xxx.128/26
> 
>  
> 
> IF2=eth2
> 
> IP2=yyy.yyy.yyy.205
> 
> P2= yyy.yyy.yyy.193
> 
> P2_NET= yyy.yyy.yyy.192/26
> 
>  
> 
> echo 201  t1 >> /etc/iproute2/rt_tables
> 
> echo 202  t2 >> /etc/iproute2/rt_tables
> 
>  
> 
>  
> 
> $IP route add $P1_NET dev $IF1 src $IP1 table t1
> 
> $IP route add default via $P1 table t1
> 
> $IP route add $P2_NET dev $IF2 src $IP2 table t2 
> 
> $IP route add default via $P2 table t2
> 
>  
> 
> $IP route add $P1_NET dev $IF1 src $IP1
> 
> $IP route add $P2_NET dev $IF2 src $IP2
> 
>  
> 
> $IP route add default via $P1
> 
>  
> 
> $IP rule add from $IP1 table t1
> 
> $IP rule add from $IP2 table t2
> 
>  
> 
> $IP route add default scope global nexthop via $P1 dev $IF1 weight 1
> nexthop via $P2 dev $IF2 weight 1
> 
>  
> 
>  
> 
>  
> 
> I really need help.
> 
>  
> 
> I appreciate it,
> 
>  
> 
> Ron Reicher
> 
> ronysrei@uol.com.br
> 
-- 
Sincerely,
William L. Thomson Jr.
Obsidian-Studios, Inc.
439 Amber Way
Petaluma, Ca. 94952
Phone  707.766.9509
Fax    707.766.8989
http://www.obsidian-studios.com
-- 
Sincerely,
William L. Thomson Jr.
Support Group
Obsidian-Studios Inc.
439 Amber Way
Petaluma, Ca. 94952
Phone  707.766.9509
Fax    707.766.8989
http://www.obsidian-studios.com

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

------_=_NextPart_001_01C21601.6E37E350
Content-Type: text/html;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Diso-8859-1">
<META NAME=3D"Generator" CONTENT=3D"MS Exchange Server version =
5.5.2653.12">
<TITLE>RE: [LARTC] ADVANCED ROUTING USING IPROUTE2 -&gt; Multiple =
Firewalls</TITLE>
</HEAD>
<BODY>

<P><FONT SIZE=3D2>All-</FONT>
</P>

<P><FONT SIZE=3D2>Same identical problem...However,the kernel did boot, =
and despite many complaints about missing symbols, it is running and =
working as advertised.&nbsp; </FONT></P>

<P><FONT SIZE=3D2>Regards,</FONT>
<BR><FONT SIZE=3D2>Jay Shroads</FONT>
</P>

<P><FONT SIZE=3D2>-----Original Message-----</FONT>
<BR><FONT SIZE=3D2>From: Roni Reicher [<A =
HREF=3D"mailto:roni@varosoft.com.br">mailto:roni@varosoft.com.br</A>]</F=
ONT>
<BR><FONT SIZE=3D2>Sent: Saturday, June 15, 2002 12:53 PM</FONT>
<BR><FONT SIZE=3D2>To: William L. Thomson Jr.; =
lartc@mailman.ds9a.nl</FONT>
<BR><FONT SIZE=3D2>Subject: RES: [LARTC] ADVANCED ROUTING USING =
IPROUTE2 -&gt; Multiple</FONT>
<BR><FONT SIZE=3D2>Firewalls</FONT>
</P>
<BR>

<P><FONT SIZE=3D2>Hi William. Thanks a lot for your help.</FONT>
</P>

<P><FONT SIZE=3D2>Im having some trouble recompiling my kernel after a =
installed the</FONT>
<BR><FONT SIZE=3D2>patch.</FONT>
</P>

<P><FONT SIZE=3D2>Im running RH 7.3 with kernel 2.4.18-3.</FONT>
</P>

<P><FONT SIZE=3D2>The patch I installed is routes-2.4.16-6.diff. I got =
no errors</FONT>
<BR><FONT SIZE=3D2>installing it.</FONT>
</P>

<P><FONT SIZE=3D2>I added the multipath support, and recompiled =
it.</FONT>
</P>

<P><FONT SIZE=3D2>The make dep and the make bzImage went fine.</FONT>
</P>

<P><FONT SIZE=3D2>I got error during the make modules.</FONT>
</P>

<P><FONT SIZE=3D2>These are the errors:</FONT>
</P>

<P><FONT SIZE=3D2>Output.c: in function 'cipe_xmit'</FONT>
<BR><FONT SIZE=3D2>Output.c:175 too few arguments to function =
'ip_route_output'</FONT>
<BR><FONT SIZE=3D2>Make[3]: *** [output.o] error 1</FONT>
<BR><FONT SIZE=3D2>Make[3]: leaving directory =
'/usr/src/linux-2.4.18-3/drivers/addon/cipe'</FONT>
<BR><FONT SIZE=3D2>Make[2]: *** [_modsubdir_cipe] error 2</FONT>
<BR><FONT SIZE=3D2>Make[2]: leaving directory =
'/usr/src/linux-2.4.18-3/drivers/addon'</FONT>
<BR><FONT SIZE=3D2>Make[1]: *** [_modsubdir_addon] error 2</FONT>
<BR><FONT SIZE=3D2>Make[1]: leaving directory =
'/usr/src/linux-2.4.18-3/drivers</FONT>
<BR><FONT SIZE=3D2>Make: *** [_mod_drivers] error 2</FONT>
</P>

<P><FONT SIZE=3D2>After I got that error, a formatted and reinstalled =
redhat 7.3. Then I</FONT>
<BR><FONT SIZE=3D2>used the newer patch (routes-2.4.19-8.diff), and I =
got error installing,</FONT>
<BR><FONT SIZE=3D2>and of course I couldn't recompile it.</FONT>
</P>

<P><FONT SIZE=3D2>I formatted again to see if I were doing something =
wrong recompiling.</FONT>
<BR><FONT SIZE=3D2>But this time I didn't patch and recompile it. I got =
no errors...</FONT>
</P>

<P><FONT SIZE=3D2>Any ideas? Am I using the wrong patch?</FONT>
</P>

<P><FONT SIZE=3D2>Thanks a lot,</FONT>
</P>

<P><FONT SIZE=3D2>Ron</FONT>
</P>
<BR>

<P><FONT SIZE=3D2>-----Mensagem original-----</FONT>
<BR><FONT SIZE=3D2>De: William L. Thomson Jr. [<A =
HREF=3D"mailto:support@obsidian-studios.com">mailto:support@obsidian-stu=
dios.com</A>] </FONT>
<BR><FONT SIZE=3D2>Enviada em: quinta-feira, 13 de junho de 2002 =
14:43</FONT>
<BR><FONT SIZE=3D2>Para: lartc@mailman.ds9a.nl</FONT>
<BR><FONT SIZE=3D2>Assunto: Re: [LARTC] ADVANCED ROUTING USING IPROUTE2 =
-&gt; Multiple</FONT>
<BR><FONT SIZE=3D2>Firewalls</FONT>
</P>

<P><FONT SIZE=3D2>You will need to recompile your kernel with multpath =
support. Also</FONT>
<BR><FONT SIZE=3D2>before you compile apply Julian's patches to the =
kernel.</FONT>
</P>

<P><FONT SIZE=3D2><A =
HREF=3D"http://www.linuxvirtualserver.org/~julian/#routes" =
TARGET=3D"_blank">http://www.linuxvirtualserver.org/~julian/#routes</A><=
/FONT>
</P>

<P><FONT SIZE=3D2>Once that is done check out the Nano-HOWTO</FONT>
</P>

<P><FONT SIZE=3D2><A =
HREF=3D"http://www.linuxvirtualserver.org/~julian/nano.txt" =
TARGET=3D"_blank">http://www.linuxvirtualserver.org/~julian/nano.txt</A>=
</FONT>
</P>

<P><FONT SIZE=3D2>That should get you on your way. The linux router =
will also have to</FONT>
<BR><FONT SIZE=3D2>perform NAT, more than likely DNAT, for things to =
work properly.</FONT>
</P>

<P><FONT SIZE=3D2>On Thu, 2002-06-13 at 07:43, Roni Reicher =
wrote:</FONT>
<BR><FONT SIZE=3D2>&gt; Hi guys. I really need some help.</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; This is my scenario:</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; CLIENTS -&gt; SWITCH -&gt; W2K Server -&gt; =
Linux -&gt; Internet (with 2 ADSL</FONT>
<BR><FONT SIZE=3D2>LINES)</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; My RedHat Linux 7.2 is just a firewall. Im =
running all the services</FONT>
<BR><FONT SIZE=3D2>&gt; (www, mail, etc.) on my W2K.</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; I tried to set up a load balance, but im =
getting the following</FONT>
<BR><FONT SIZE=3D2>problem.</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; When I connect from the internet through my IP1 =
(ADSL 1) on any port</FONT>
<BR><FONT SIZE=3D2>&gt; that I redirect to W2K, I can connect perfectly =
to my W2K, but when I</FONT>
<BR><FONT SIZE=3D2>&gt; connect using my IP2 (ADSL2) I cant get to =
W2K.</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; And vice versa.</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; With the telnet server, which is running on the =
linux, I can connect</FONT>
<BR><FONT SIZE=3D2>&gt; using both IP's. </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; I guess the problem is when the W2K uses the =
other gw.</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; My W2K default gw is the linux.</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; This is my setup:</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; W2K IP&nbsp;&nbsp; -&gt; 10.0.0.1 </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; W2K IP2 -&gt; 192.168.1.2</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; Linux eth0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
-&gt; xxx.xxx.xxx.170 (ADSL1)</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; Linux eth0 gw -&gt;&nbsp; =
xxx.xxx.xxx.129</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; Linux eth1&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
-&gt; 192.168.1.1</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; Linux eth2&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
-&gt; yyy.yyy.yyy.205 (ADSL2)</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; Linux eth2 gw&nbsp; -&gt; =
yyy.yyy.yyy.193</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; IPTABLES (just the basic).</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; $IPTABLES -A INPUT -i =
lo&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -j ACCEPT</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; $IPTABLES -A INPUT -p icmp -j ACCEPT</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; $IPTABLES -A FORWARD -o eth0 -j ACCEPT</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; $IPTABLES -A FORWARD -o eth2 -j ACCEPT</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; ##################### SMTP SERVER =
#################</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; $IPTABLES -t nat -A PREROUTING -p tcp -d =
xxx.xxx.xxx.170 --dport 25</FONT>
<BR><FONT SIZE=3D2>&gt; -j DNAT --to-destination 192.168.1.2</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; $IPTABLES -t nat -A PREROUTING -p tcp -d =
yyy.yyy.yyy.205&nbsp; --dport 25</FONT>
<BR><FONT SIZE=3D2>&gt; -j DNAT --to-destination 192.168.1.2</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; ##################### HTTP SERVER =
##################</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; $IPTABLES -t nat -A PREROUTING -p tcp -d =
xxx.xxx.xxx.170 --dport 80</FONT>
<BR><FONT SIZE=3D2>&gt; -j DNAT --to-destination 192.168.1.2</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; $IPTABLES -t nat -A PREROUTING -p tcp -d =
yyy.yyy.yyy.205 --dport 80</FONT>
<BR><FONT SIZE=3D2>&gt; -j DNAT --to-destination 192.168.1.2</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; $IPTABLES -t nat -A POSTROUTING -s =
192.168.1.0/24 -j MASQUERADE</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; $IPTABLES -t nat -A POSTROUTING -s =
10.0.0.0/24&nbsp;&nbsp;&nbsp; -j MASQUERADE</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; $IPTABLES -t nat -A POSTROUTING -o =
eth0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -j =
MASQUERADE</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; $IPTABLES -t nat -A POSTROUTING -o =
eth2&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -j =
MASQUERADE</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; And this is my load balancing script:</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; #### Variables ######</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; IP=3D/sbin/ip</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; IF1=3Deth0</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; IP1=3Dxxx.xxx.xxx.170</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; P1=3Dxxx.xxx.xxx.129</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; P1_NET=3Dxxx.xxx.xxx.128/26</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; IF2=3Deth2</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; IP2=3Dyyy.yyy.yyy.205</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; P2=3D yyy.yyy.yyy.193</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; P2_NET=3D yyy.yyy.yyy.192/26</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; echo 201&nbsp; t1 &gt;&gt; =
/etc/iproute2/rt_tables</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; echo 202&nbsp; t2 &gt;&gt; =
/etc/iproute2/rt_tables</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; $IP route add $P1_NET dev $IF1 src $IP1 table =
t1</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; $IP route add default via $P1 table t1</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; $IP route add $P2_NET dev $IF2 src $IP2 table =
t2 </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; $IP route add default via $P2 table t2</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; $IP route add $P1_NET dev $IF1 src $IP1</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; $IP route add $P2_NET dev $IF2 src $IP2</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; $IP route add default via $P1</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; $IP rule add from $IP1 table t1</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; $IP rule add from $IP2 table t2</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; $IP route add default scope global nexthop via =
$P1 dev $IF1 weight 1</FONT>
<BR><FONT SIZE=3D2>&gt; nexthop via $P2 dev $IF2 weight 1</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; I really need help.</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; I appreciate it,</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; Ron Reicher</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; ronysrei@uol.com.br</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>-- </FONT>
<BR><FONT SIZE=3D2>Sincerely,</FONT>
<BR><FONT SIZE=3D2>William L. Thomson Jr.</FONT>
<BR><FONT SIZE=3D2>Obsidian-Studios, Inc.</FONT>
<BR><FONT SIZE=3D2>439 Amber Way</FONT>
<BR><FONT SIZE=3D2>Petaluma, Ca. 94952</FONT>
<BR><FONT SIZE=3D2>Phone&nbsp; 707.766.9509</FONT>
<BR><FONT SIZE=3D2>Fax&nbsp;&nbsp;&nbsp; 707.766.8989</FONT>
<BR><FONT SIZE=3D2><A HREF=3D"http://www.obsidian-studios.com" =
TARGET=3D"_blank">http://www.obsidian-studios.com</A></FONT>
<BR><FONT SIZE=3D2>-- </FONT>
<BR><FONT SIZE=3D2>Sincerely,</FONT>
<BR><FONT SIZE=3D2>William L. Thomson Jr.</FONT>
<BR><FONT SIZE=3D2>Support Group</FONT>
<BR><FONT SIZE=3D2>Obsidian-Studios Inc.</FONT>
<BR><FONT SIZE=3D2>439 Amber Way</FONT>
<BR><FONT SIZE=3D2>Petaluma, Ca. 94952</FONT>
<BR><FONT SIZE=3D2>Phone&nbsp; 707.766.9509</FONT>
<BR><FONT SIZE=3D2>Fax&nbsp;&nbsp;&nbsp; 707.766.8989</FONT>
<BR><FONT SIZE=3D2><A HREF=3D"http://www.obsidian-studios.com" =
TARGET=3D"_blank">http://www.obsidian-studios.com</A></FONT>
</P>

<P><FONT =
SIZE=3D2>_______________________________________________</FONT>
<BR><FONT SIZE=3D2>LARTC mailing list / LARTC@mailman.ds9a.nl</FONT>
<BR><FONT SIZE=3D2><A =
HREF=3D"http://mailman.ds9a.nl/mailman/listinfo/lartc" =
TARGET=3D"_blank">http://mailman.ds9a.nl/mailman/listinfo/lartc</A> =
HOWTO: <A HREF=3D"http://lartc.org/" =
TARGET=3D"_blank">http://lartc.org/</A></FONT>
<BR><FONT =
SIZE=3D2>_______________________________________________</FONT>
<BR><FONT SIZE=3D2>LARTC mailing list / LARTC@mailman.ds9a.nl</FONT>
<BR><FONT SIZE=3D2><A =
HREF=3D"http://mailman.ds9a.nl/mailman/listinfo/lartc" =
TARGET=3D"_blank">http://mailman.ds9a.nl/mailman/listinfo/lartc</A> =
HOWTO: <A HREF=3D"http://lartc.org/" =
TARGET=3D"_blank">http://lartc.org/</A></FONT>
</P>

</BODY>
</HTML>
------_=_NextPart_001_01C21601.6E37E350--
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/