Re: DNS and NAT - Jason Opperisano

Linux Netfilter discussions
 help / color / mirror / Atom feed

From: Jason Opperisano <opie@817west.com>
To: netfilter@lists.netfilter.org
Subject: Re: DNS and NAT
Date: Mon, 11 Jul 2005 15:41:13 -0400	[thread overview]
Message-ID: <20050711194113.GA17435@bender.817west.com> (raw)
In-Reply-To: <BAY17-F36B44F4732DA14870599CE80DC0@phx.gbl>

On Mon, Jul 11, 2005 at 12:37:31PM -0700, Suzana Lojic-Skoric wrote:
> Does DNS work with iptables NAT or I need some kind of ALG to get DNS 
> answers translated?
> 
> I am using Mandrake Linux 10.0. I have two way NAT going on and I am trying 
> to get DNS requests through the NAT. I got FTP, HTTP and SMTP working 
> through the NAT, but DNS is not working properly, DNS answer is not getting 
> translated.

nor should it be.

> Source and Destination addresses in DNS message are properly 
> translated, but the actual answer (the ip address embedded in the message) 
> is not translated.

which is exactly how it's supposed to work.  how the $%#@ is iptables
supposed to know what to rewrite the answer to?

if you are using BIND, look into the functionality offered by "views."

-j

--
"Peter: You know, I oughta just give you some beer. Goes straight
 through you. 
 Stewie: Wonderful. And while we're at it, we can light up a doobie and
 watch porn. 
 Peter: Eh... yeah?"
        --Family Guy

next prev parent reply	other threads:[~2005-07-11 19:41 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-07-11 19:37 DNS and NAT Suzana Lojic-Skoric
2005-07-11 19:41 ` Jason Opperisano [this message]
2005-07-11 20:33   ` Suzana Lojic-Skoric
2005-07-11 20:44     ` Jason Opperisano
2005-07-11 21:25     ` /dev/rob0
2005-07-11 21:36       ` Jan Engelhardt
2005-07-12  4:05     ` R. DuFresne
  -- strict thread matches above, loose matches on Subject: below --
2005-07-13 17:10 Suzana Lojic-Skoric
2005-07-14 13:29 ` Jörg Harmuth
2005-07-14 15:50   ` Suzana Lojic-Skoric
2005-07-14 16:00     ` primero
2005-07-14 20:33       ` Suzana Lojic-Skoric
2005-07-15  8:53         ` Jörg Harmuth
2005-07-15 16:30           ` Suzana Lojic-Skoric
2005-07-15 16:45             ` R. DuFresne
2005-07-15 17:04               ` Suzana Lojic-Skoric
2005-07-15 18:52             ` Francesco Ciocchetti
2005-07-15 19:10               ` Suzana Lojic-Skoric
2005-07-15 19:51               ` Suzana Lojic-Skoric

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20050711194113.GA17435@bender.817west.com \
    --to=opie@817west.com \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox