set up my DMZ - hamals

All of lore.kernel.org
 help / color / mirror / Atom feed

From: <hamals@infinito.it>
To: netfilter@lists.netfilter.org
Subject: set up my DMZ
Date: Fri, 17 Sep 2004 11:37:38 +0200	[thread overview]
Message-ID: <web-3590363@infinito.it> (raw)

I've a DMZ with two server, I would like to acces them 
through my iptables firewall.

IP_serve1_DMZ =192.168.2.2
IP_serve2_DMZ =192.168.2.3

IP_server1_public = x.x.x.52
IP_server2_public = x.x.x.53 (x is for privacy..)

My firewall has

eth1 internet interface = x.x.x.50
eth0 dmz interface = 192.168.2.1

I need to have my server access with their pubbic IP, but 
I've only eth1 as inteface to internet.

I read that I can't use alias in iptables rules (like 
eth1:1 etc) , then what kind of rules have I to write to 
solve my problem?

I did this script but is it not working,
what do you think is wrong in it?

#!/bin/bash

iptables -F

iptables -t nat -F

iptables -t mangle -F

# filter table everythingd is ACCEPT  only to follow the 
easyest way#

iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT

## make DMZ -> internet ##

iptables -t nat -A POSTROUTING -s 192.168.2.1 -o eth1 -j 
SNAT --to-source 82.190.228.52

## make internet -> DMZ ##

iptables -t nat -A PREROUTING -i eth1 -d x.x.x.52 -j DNAT 
--to-destination 192.168.2.1

Thanks
_______________________________________
Connessione ed e-mail gratuita da 10 mb
consultabile tramite web e tramite pop.
www.infinito.it vieni a scoprire tutti 
i nostri servizi!

http://www.infinito.it/xmail

next             reply	other threads:[~2004-09-17  9:37 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2004-09-17  9:37 hamals [this message]
2004-09-17 11:13 ` set up my DMZ Jason Opperisano
  -- strict thread matches above, loose matches on Subject: below --
2004-09-16 14:44 hamals
2004-09-16 16:45 ` John A. Sullivan III
2004-09-16 17:39 ` Jason Opperisano

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=web-3590363@infinito.it \
    --to=hamals@infinito.it \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.