From: /dev/rob0 <rob0@gmx.co.uk>
To: netfilter@lists.netfilter.org
Subject: Re: Route packets from an interface to another
Date: Fri, 9 Sep 2005 16:36:37 -0500 [thread overview]
Message-ID: <200509091636.37287.rob0@gmx.co.uk> (raw)
In-Reply-To: <1224.83.227.26.235.1126295484.squirrel@webmail.2lug.se>
On Friday 2005-September-09 14:51, Jonathan wrote:
> I think so. On box1 I type these commands:
You think so, what? Is there some way I should be able to tell what
you're on about? Please, this top-posting makes it very difficult; show
some consideration for your readers.
> >> > On 9/9/05, Jonathan <phonic@antisocial.nu> wrote:
> >> >> I have the following interface configuration on two boxes:
> >> >> box1: eth0:5 192.121.234.213 netmask 255.255.255.240 broadcast
> 192.121.234.223
>
> >> >> box2: lo:0 192.121.234.213 netmask 255.255.255.255
lo:0 ?? Don't do this. Why are you trying to bind another IP to lo?
> >> >> between box1 and box2 I have a OpenVPN tunnel (endpoints
> >> >> 10.1.0.1 and 10.1.0.2).
Why these IP's? You could simplify by using the remote static IP as the
IP for your home endpoint. IINM you wouldn't need NAT at all.
Remote eth0: 192.121.234.212 netmask 255.255.255.240
Remote tun0: 192.121.234.212 netmask 255.255.255.240
Home tun0 192.121.234.213 netmask 255.255.255.240
When something comes in on eth0 with a destination IP of
192.121.234.213, your kernel knows it needs to go out tun0. If routing
is enabled and nothing blocking it in table filter chain FORWARD, out
it goes.
What you are talking about is indeed possible. I did it myself before
figuring out the better way of doing it. :) You need to do both SNAT
and DNAT.
--
mail to this address is discarded unless "/dev/rob0"
or "not-spam" is in Subject: header
next prev parent reply other threads:[~2005-09-09 21:36 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-09-09 19:51 Route packets from an interface to another Jonathan
2005-09-09 21:36 ` /dev/rob0 [this message]
2005-09-09 21:18 ` Jonathan
2005-09-10 4:45 ` /dev/rob0
2005-09-10 7:54 ` /dev/rob0
2005-09-12 7:56 ` Jonathan
2005-09-13 1:45 ` /dev/rob0
2005-09-12 13:36 ` Rudi Starcevic
[not found] ` <65aa6af905091114314108597e@mail.gmail.com>
2005-09-11 21:32 ` Fwd: " Edmundo Carmona
2005-09-12 14:39 ` Rudi Starcevic
[not found] ` <65aa6af9050911145833fa12fd@mail.gmail.com>
2005-09-11 21:58 ` Edmundo Carmona
2005-09-12 15:06 ` Fwd: " Rudi Starcevic
[not found] ` <65aa6af9050911151962bc24a2@mail.gmail.com>
2005-09-11 22:20 ` Edmundo Carmona
2005-09-12 15:19 ` Rudi Starcevic
2005-09-11 21:34 ` /dev/rob0
2005-09-12 14:47 ` Rudi Starcevic
2005-09-12 14:51 ` Rudi Starcevic
-- strict thread matches above, loose matches on Subject: below --
2007-09-10 12:18 vinod K D
2007-09-10 15:23 ` Grant Taylor
2005-09-09 19:15 Jonathan
2005-09-09 20:22 ` Edmundo Carmona
2005-09-09 19:32 ` Jonathan
[not found] ` <65aa6af905090913353e0d0150@mail.gmail.com>
2005-09-09 20:35 ` Edmundo Carmona
[not found] ` <1224.83.227.26.235.1126295454.squirrel@webmail.2lug.se>
2005-09-09 21:03 ` Edmundo Carmona
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200509091636.37287.rob0@gmx.co.uk \
--to=rob0@gmx.co.uk \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox