From mboxrd@z Thu Jan 1 00:00:00 1970 From: "zeinali" Subject: static nat with iptables Date: Sun, 22 Feb 2004 10:39:09 +0330 Sender: netfilter-admin@lists.netfilter.org Message-ID: <000501c3f912$c70bc230$190da8c0@iomco.com> Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0006_01C3F930.1D3B2E30" Return-path: Errors-To: netfilter-admin@lists.netfilter.org List-Help: List-Post: List-Subscribe: , List-Id: List-Unsubscribe: , List-Archive: To: netfilter@lists.netfilter.org This is a multi-part message in MIME format. ------=_NextPart_000_0006_01C3F930.1D3B2E30 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Dear sir Pls kindly help me I have a private address like 192.168.20.19/24 and I have a public address like 213.29.76.153/27 im going to translate (STATIC NAT) my private ip address to public address (213.29.76.19) with iptables Meanwhile my router is redhat linux 8.0 and have 2 network adapter like below Eth0 192.168.20.1 /24 (connect to private network) Eth1 213.29.76.154 /27 (connected to internet ) Many Thanks&Best Regards Behnam Zeinali Internet Dept. www.maadiran.com ------=_NextPart_000_0006_01C3F930.1D3B2E30 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Dear sir

Pls kindly help me

I have a private address like 192.168.20.19/24 and I = have a public address like 213.29.76.153/27 im going to translate (STATIC NAT) = my private ip address to public address (213.29.76.19) with = iptables

Meanwhile my router is redhat linux 8.0 and have 2 = network adapter like below

Eth0 192.168.20.1 /24 (connect to private = network)

Eth1 213.29.76.154 /27 (connected to internet = )

Many Thanks&Best Regards

= Behnam Zeinali

= Internet Dept.

www.maadiran.com

------=_NextPart_000_0006_01C3F930.1D3B2E30-- From mboxrd@z Thu Jan 1 00:00:00 1970 From: "John Black" Subject: Re: static nat with iptables Date: Sun, 22 Feb 2004 09:13:06 -0600 Sender: netfilter-admin@lists.netfilter.org Message-ID: <002201c3f956$60983f80$ed02fea9@black> References: <000501c3f912$c70bc230$190da8c0@iomco.com> Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_001F_01C3F924.1512D340" Return-path: Errors-To: netfilter-admin@lists.netfilter.org List-Help: List-Post: List-Subscribe: , List-Id: List-Unsubscribe: , List-Archive: To: netfilter@lists.netfilter.org This is a multi-part message in MIME format. ------=_NextPart_000_001F_01C3F924.1512D340 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable is your eth0 ip address a static ip or dynamic? if it is static try = this: iptables -A FORWARD -i eth1 -o eth0 -m state --state ESTABLISHED, = RELATED -j ACCEPT iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT iptables -A FORWARD -j LOG iptables -t nat -A POSTROUTING -s 192.168.20.0/24 -o eth1 -j SNAT --to = 213.29.76.153 Dear sir=20 Pls kindly help me I have a private address like 192.168.20.19/24 and I have a public = address like 213.29.76.153/27 im going to translate (STATIC NAT) my = private ip address to public address (213.29.76.19) with iptables Meanwhile my router is redhat linux 8.0 and have 2 network adapter = like below Eth0 192.168.20.1 /24 (connect to private network) Eth1 213.29.76.154 /27 (connected to internet ) =20 ------=_NextPart_000_001F_01C3F924.1512D340 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable

is your eth0 ip address a static ip or=20 dynamic? if it is static try=20 this:

iptables -A FORWARD -i eth1 -o eth0 -m = state=20 --state ESTABLISHED, RELATED -j ACCEPT
iptables -A FORWARD -i eth0 -o = eth1 -j=20 ACCEPT
iptables -A FORWARD -j LOG

iptables -t nat -A POSTROUTING -s = 192.168.20.0/24=20 -o eth1 -j SNAT --to 213.29.76.153

Dear sir =

Pls kindly help=20 me

I have a private address = like=20 192.168.20.19/24 and I have a public address like 213.29.76.153/27 im = going to=20 translate (STATIC NAT) my private ip address to public address = (213.29.76.19)=20 with iptables

Meanwhile my router is = redhat=20 linux 8.0 and have 2 network adapter like below

Eth0 192.168.20.1 = /24 =20 (connect to private network)

Eth1 213.29.76.154 /27 = (connected=20 to internet )

------=_NextPart_000_001F_01C3F924.1512D340-- From mboxrd@z Thu Jan 1 00:00:00 1970 From: "Mussie Gebregziabiher" Subject: RE: static nat with iptables Date: Sun, 22 Feb 2004 15:59:08 -0500 Sender: netfilter-admin@lists.netfilter.org Message-ID: References: Mime-Version: 1.0 Content-Transfer-Encoding: quoted-printable Return-path: In-Reply-To: Errors-To: netfilter-admin@lists.netfilter.org List-Help: List-Post: List-Subscribe: , List-Id: List-Unsubscribe: , List-Archive: Content-Type: text/plain; charset="iso-8859-1" To: netfilter@lists.netfilter.org Make sure that ip_forwarding is enabled. Not sure if it is enabled by default.=20 cat /etc/sysctl.conf=20 # Controls IP packet forwarding net.ipv4.ip_forward =3D 1 Good luck! -MGG -----Original Message----- From: netfilter-admin@lists.netfilter.org [mailto:netfilter-admin@lists.netfilter.org] On Behalf Of John Black Sent: Sunday, February 22, 2004 10:13 AM To: netfilter@lists.netfilter.org Subject: Re: static nat with iptables is your eth0 ip address a static ip or dynamic?=A0 if it is static try = this: =A0 iptables -A FORWARD -i eth1 -o eth0 -m state --state ESTABLISHED, = RELATED -j ACCEPT iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT iptables -A FORWARD -j LOG =A0 iptables -t nat -A POSTROUTING -s 192.168.20.0/24 -o eth1=A0 -j SNAT = --to 213.29.76.153 =A0 =A0 Dear sir=20 Pls kindly help me I have a private address like 192.168.20.19/24 and I have a public = address like 213.29.76.153/27 im going to translate (STATIC NAT) my private ip address to public address (213.29.76.19) with iptables Meanwhile my router is redhat linux 8.0 and have 2 network adapter like below Eth0 192.168.20.1 /24=A0 (connect to private network) Eth1 213.29.76.154 /27 (connected to internet ) =A0 From mboxrd@z Thu Jan 1 00:00:00 1970 From: "John A. Sullivan III" Subject: RE: static nat with iptables Date: Sun, 22 Feb 2004 23:34:55 -0500 Sender: netfilter-admin@lists.netfilter.org Message-ID: <1077510895.15548.3.camel@localhost> References: Mime-Version: 1.0 Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: Errors-To: netfilter-admin@lists.netfilter.org List-Help: List-Post: List-Subscribe: , List-Id: List-Unsubscribe: , List-Archive: Content-Type: text/plain; charset="us-ascii" To: Mussie Gebregziabiher , netfilter@lists.netfilter.org Perhaps I misunderstood the e-mail but is the address to which you are NATting on the same network as your public interface? I don't think 213.29.76.154/27 and 213.29.76.19/27 are on the same network - John On Sun, 2004-02-22 at 15:59, Mussie Gebregziabiher wrote: > Make sure that ip_forwarding is enabled. Not sure if it is enabled by > default. > > cat /etc/sysctl.conf > > # Controls IP packet forwarding > net.ipv4.ip_forward = 1 > > Good luck! > > -MGG > > -----Original Message----- > From: netfilter-admin@lists.netfilter.org > [mailto:netfilter-admin@lists.netfilter.org] On Behalf Of John Black > Sent: Sunday, February 22, 2004 10:13 AM > To: netfilter@lists.netfilter.org > Subject: Re: static nat with iptables > > is your eth0 ip address a static ip or dynamic? if it is static try this: > > iptables -A FORWARD -i eth1 -o eth0 -m state --state ESTABLISHED, RELATED -j > ACCEPT > iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT > iptables -A FORWARD -j LOG > > iptables -t nat -A POSTROUTING -s 192.168.20.0/24 -o eth1 -j SNAT --to > 213.29.76.153 > > > Dear sir > Pls kindly help me > I have a private address like 192.168.20.19/24 and I have a public address > like 213.29.76.153/27 im going to translate (STATIC NAT) my private ip > address to public address (213.29.76.19) with iptables > Meanwhile my router is redhat linux 8.0 and have 2 network adapter like > below > Eth0 192.168.20.1 /24 (connect to private network) > Eth1 213.29.76.154 /27 (connected to internet ) > -- Open Source Development Corporation Financially Sustainable open source development http://www.opensourcedevelopmentcorp.com