Linux Netfilter discussions
From: "Pekka Järvinen" <pekkajarvinen@kolumbus.fi>
To: netfilter@vger.kernel.org
Subject: NAT only selected bridges
Date: Mon, 07 Jul 2008 01:49:37 +0300
Message-ID: <48714C01.6000207@kolumbus.fi>

Hello,

I have
VLAN 111 - LAN
VLAN 222 - WLAN
VLAN 333 - ADSL Modem
VLAN 444 - Internet (connecting through VLAN 333)

br0 - Internet
br1 - LAN 192.168.0.0/24
br2 - WLAN 192.168.1.0/24

With the current setup br1 and br2 are NAT'ed correctly, but connections
coming straight from br0 are NAT'ed too for some reason.

So I'm trying to set up rules for something like:
NAT br1 and br2 and don't change IP addresses coming directly from br0 
(or VLAN 444).


Here's /etc/network/interfaces:
auto lo
iface lo inet loopback

allow-hotplug eth0
allow-hotplug eth1

iface eth0 inet static
iface eth1 inet static

auto br0
auto br1
auto br2

# Internet bridge
iface br0 inet static
        address 62.204.1.12
        netmask 255.255.255.128
        gateway 62.204.1.1
        bridge_ports eth1.333 eth0.444
        bridge_stp on
        post-up iptables -t nat -A POSTROUTING -o br0 -j MASQUERADE
        pre-down iptables -t nat -D POSTROUTING -o br0 -j MASQUERADE

# LAN bridge
iface br1 inet static
        address 192.168.0.1
        netmask 255.255.255.0
        bridge_ports eth0.111
        bridge_stp on

# WLAN bridge
iface br2 inet static
        address 192.168.1.1
        netmask 255.255.255.0
        bridge_ports eth0.222
        bridge_stp on

# -----

ipv4 forward is enabled.

-- 
Pekka Järvinen
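
The goal stated in the message (masquerade only the LAN and WLAN subnets, leave addresses that are already public alone) can be expressed by adding a source match to the MASQUERADE rule. The following is an added example, not part of the original post: it models the nat POSTROUTING decision for the posted rule and for a source-scoped replacement, and prints the replacement as iptables commands. The `Rule` class, the helper names and the sample packets (including host 62.204.1.50) are constructed for illustration, and it assumes, as the post observes, that packets from hosts on the br0 side reach POSTROUTING with br0 as the outgoing interface.

```python
"""Model of the nat/POSTROUTING decision for the setup in the post (added example)."""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Rule:
    out_if: str                    # iptables -o
    source: Optional[str] = None   # iptables -s CIDR; None means any source

    def matches(self, src_ip: str, out_if: str) -> bool:
        if out_if != self.out_if:
            return False
        if self.source is None:
            return True
        return ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.source)

    def as_iptables(self, action: str = "-A") -> str:
        src = f"-s {self.source} " if self.source else ""
        return f"iptables -t nat {action} POSTROUTING {src}-o {self.out_if} -j MASQUERADE"


def verdict(rules: List[Rule], src_ip: str, out_if: str) -> str:
    """Any matching rule masquerades; otherwise the source address is kept."""
    return "MASQUERADE" if any(r.matches(src_ip, out_if) for r in rules) else "unchanged"


# Rule from the posted /etc/network/interfaces: every packet leaving br0 matches.
POSTED = [Rule("br0")]
# Assumed replacement: one rule per private subnet named in the post.
SCOPED = [Rule("br0", "192.168.0.0/24"), Rule("br0", "192.168.1.0/24")]

# Constructed sample packets (source address, outgoing interface).
PACKETS: List[Tuple[str, str]] = [
    ("192.168.0.10", "br0"),   # LAN host going out to the Internet
    ("192.168.1.20", "br0"),   # WLAN host going out to the Internet
    ("62.204.1.50", "br0"),    # host that already has a public address on br0
    ("192.168.0.10", "br2"),   # LAN to WLAN, never leaves through br0
]


def compare() -> List[Tuple[str, str, str, str]]:
    return [(s, o, verdict(POSTED, s, o), verdict(SCOPED, s, o)) for s, o in PACKETS]


if __name__ == "__main__":
    for rule in SCOPED:
        print(rule.as_iptables())
    for src, oif, posted, scoped in compare():
        print(f"{src:>14} -> {oif}: posted={posted:<11} scoped={scoped}")
```

The printed commands would take the place of the single `post-up` line under `iface br0`, with matching `-D` forms (`as_iptables("-D")`) for `pre-down`.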
