Hi!
I set up a firewall that connects to two separate Internet
connections. Now the firewall needs to do DNAT forwarding (port
forwarding) using iptables to several servers inside the LAN. Do you
know how to do that?
I did make the firewall reachable from the second Internet
connection using an iproute2 setup with a different routing table. But
how do I forward this to the other servers? The other server will reply
to a single firewall address, so how does the firewall redirect the
reply to a request from the second Internet connection back to the
second Internet connection?
I tried using SNAT/masquerading on the connection going out of the
firewall, but it doesn't work. First I tried using marking:
iptables -t mangle -A PREROUTING -d <address-of-2nd-internet> -j MARK --set-mark 0xb
iptables -t nat -A POSTROUTING -m mark --mark 0xb -j SNAT --to-source <fw-address-in-LAN>
This doesn't work. Then I tried just SNATing all connections:
iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source <fw-address-in-LAN>
But this doesn't work either.
Any idea?
I use Linux 2.4.31-grsec with iptables v1.3.1.
Thank you!
--
Stephan Paul Arif Sahari Wibowo
_____ _____ _____ _____
/____ /____/ /____/ /____
_____/ / / / _____/
http://www.arifsaha.com/
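The usual way to make DNAT replies leave through the uplink the request arrived on is to mark each new inbound connection with the interface it came in on (CONNMARK), restore that mark onto the reply packets coming back from the LAN before the routing decision, and add an `ip rule` that routes by fwmark. The script below is an added example written for this thread, not code from the original post or its author. Every interface name, address, gateway, routing-table number and the internal web server 192.168.1.10:80 are assumptions chosen for illustration; substitute your own. It needs the CONNMARK target and the `fwmark` routing rule: both are standard on 2.6 kernels, while on 2.4 CONNMARK was shipped as a patch-o-matic extension, so check that `iptables -j CONNMARK` loads on the 2.4.31 box before relying on it.

```shell
#!/bin/sh
# Dual-WAN DNAT with replies routed back through the uplink they came
# in on. Added example for this thread, not the poster's own script.
# All names and addresses below are assumptions for illustration:
#   eth0  LAN   192.168.1.1/24  (firewall's LAN address, server gateway)
#   eth1  WAN1  198.51.100.2/24, gateway 198.51.100.1
#   eth2  WAN2  203.0.113.2/24,  gateway 203.0.113.1
#   Web server 192.168.1.10:80 reachable on both public addresses.

LAN_IF=eth0
WAN1_IF=eth1; WAN1_IP=198.51.100.2; WAN1_GW=198.51.100.1
WAN2_IF=eth2; WAN2_IP=203.0.113.2;  WAN2_GW=203.0.113.1
SERVER=192.168.1.10
PORT=80
MARK1=0xa; MARK2=0xb     # fwmark identifying each uplink
TBL1=101;  TBL2=102      # one routing table per uplink (assumed numbers)

# Print the command instead of running it when DRY_RUN is set, so the
# rule set can be reviewed (or tested) without root or iptables.
run() {
    if [ -n "${DRY_RUN:-}" ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

setup_policy_routing() {
    # Each uplink gets its own table with its own default gateway.
    run ip route add default via "$WAN1_GW" dev "$WAN1_IF" table "$TBL1"
    run ip route add default via "$WAN2_GW" dev "$WAN2_IF" table "$TBL2"
    # Traffic the firewall itself sends: choose the table by source address.
    run ip rule add from "$WAN1_IP" table "$TBL1"
    run ip rule add from "$WAN2_IP" table "$TBL2"
    # Forwarded replies: conntrack undoes the DNAT (rewrites the source
    # back to the public address) in POSTROUTING, i.e. after routing, so
    # at routing time the reply still carries the LAN server's source
    # address and "from <WAN address>" never matches. Route by fwmark.
    run ip rule add fwmark "$MARK1" table "$TBL1"
    run ip rule add fwmark "$MARK2" table "$TBL2"
    run ip route flush cache
}

setup_nat() {
    # Tag every new inbound connection with the uplink it arrived on and
    # keep the tag in the conntrack entry (CONNMARK), so all later packets
    # of that connection, replies included, can inherit it.
    run iptables -t mangle -A PREROUTING -i "$WAN1_IF" -m state --state NEW \
        -j CONNMARK --set-mark "$MARK1"
    run iptables -t mangle -A PREROUTING -i "$WAN2_IF" -m state --state NEW \
        -j CONNMARK --set-mark "$MARK2"
    # Replies from the LAN: copy the stored mark onto the packet before
    # the routing decision, so the fwmark rules pick the right uplink.
    run iptables -t mangle -A PREROUTING -i "$LAN_IF" -j CONNMARK --restore-mark

    # The port forward, once per public address. No SNAT toward the LAN
    # is needed: the server answers the real client address, the reply
    # reaches the firewall because it is the server's default gateway,
    # and conntrack reverses the DNAT on the way out.
    run iptables -t nat -A PREROUTING -i "$WAN1_IF" -d "$WAN1_IP" -p tcp --dport "$PORT" \
        -j DNAT --to-destination "$SERVER:$PORT"
    run iptables -t nat -A PREROUTING -i "$WAN2_IF" -d "$WAN2_IP" -p tcp --dport "$PORT" \
        -j DNAT --to-destination "$SERVER:$PORT"
    # Let the forwarded traffic and its replies through FORWARD.
    run iptables -A FORWARD -i "$WAN1_IF" -o "$LAN_IF" -d "$SERVER" -p tcp --dport "$PORT" -j ACCEPT
    run iptables -A FORWARD -i "$WAN2_IF" -o "$LAN_IF" -d "$SERVER" -p tcp --dport "$PORT" -j ACCEPT
    run iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
}

# Return the complete command list without executing anything.
render_rules() {
    ( DRY_RUN=1; setup_policy_routing; setup_nat )
}

case "${1:-}" in
    apply) setup_policy_routing; setup_nat ;;
    show)  render_rules ;;
esac
```

Run it as `sh multiwan-dnat.sh show` to review the generated rules and `sh multiwan-dnat.sh apply` as root to install them (the script only appends rules; flush or script your own cleanup first). Keeping the SNAT-to-LAN rules from the post out of the picture is deliberate: they hide the client address from the server and do nothing for the routing problem, which is entirely on the reply path before POSTROUTING. If connections arriving on the second uplink are silently dropped, check `rp_filter` on that interface, since strict reverse-path filtering consults the main table and may reject packets whose source is routed via the first uplink.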