[LARTC] nat

[LARTC] nat

[Alexander Brill]

[-- Attachment #1: Type: text/plain, Size: 613 bytes --]

I'm trying to set up a nat here to forward traffic directed to
193.212.64.52 to 192.168.0.7 by using
`ip route add nat 193.212.64.52 via 192.168.0.7`

Doing a traceroute on that shows me it works fine.
But when I try to do it the other way around I seem to be banging my
head against the wall. I follow the instructions per ip-cref:
`ip route add prio 320 from 192.168.0.7 nat 193.212.64.53`. But this
only gives me "RTNETLINK answers: Invalid argument"

Any pointers on what might be wrong?

-- 
Alexander Brill <kiowa@project23.no>
http://www.project23.no
PGP-key: http://alexb.egil.org/key.pub

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 232 bytes --]

Re: [LARTC] nat

[Alexander Brill]

[-- Attachment #1: Type: text/plain, Size: 1551 bytes --]

On Tue, 2002-05-28 at 17:18, Martin A. Brown wrote:
> Alexander,
> 
> Are you sure you do not mean
> 
>   ip rule add prio 320 from 192.168.0.7 nat 193.212.64.53
> 
> It seems that you have no problem with your nat rule, you just forgot 
> about the rule based entry to rewrite the packet outbound.
> 
> Try the above line and then
> 
>   ip route flush cache
> 
> -Martin
> 
> On 28 May 2002, Alexander Brill wrote:
> 
>  : I'm trying to set up a nat here to forward traffic directed to
>  : 193.212.64.52 to 192.168.0.7 by using
>  : `ip route add nat 193.212.64.52 via 192.168.0.7`
>  : 
>  : Doing a traceroute on that shows me it works fine.
>  : But when I try to do it the other way around I seem to be banging my
>  : head against the wall. I follow the instructions per ip-cref:
>  : `ip route add prio 320 from 192.168.0.7 nat 193.212.64.53`. But this
>  : only gives me "RTNETLINK answers: Invalid argument"
>  : 
>  : Any pointers on what might be wrong?
>  : 
>  : 
> 

Hmm, it worked now, even though it was the exact command I gave it
earlier... strange.

But when I try to connect to a host from 192.168.0.7 the host I connect
to still says I'm connecting from 193.212.64.40 (my firewall).

Also, when there will be traffic trying to connect to 193.212.64.52 they
will go through standard iptable-rules, right? Meaning that I must allow
traffic destined for 193.212.64.52 through?


-- 
Alexander Brill <kiowa@project23.no>
http://www.project23.no
PGP-key: http://alexb.egil.org/key.pub

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 232 bytes --]

[LARTC] NAT

[maco heco]

Hi, is there _ANY_ way to identyfy NAT connestions if i want to know is there are ANY 
NAT connections in the company network?

Info:
wlan network, many routers, many wireless access points
many users
no shaping to the outgoing world (Internet)
want to BAN NAT connections

thanx

maco

--
maco@maco.sk
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/