I have installed virtual box ( with Two virtual Adapters(NAT-type)) -
Host (Ubuntu -10.10) - Guest-Opensuse-11.4 .
Objective : Trying to simulate all four types of NAT as defined here :
https://wiki.asterisk.org/wiki/displ...versal+Testing
Simulating the various kinds of NATs can be done using Linux iptables.
In these examples, eth0 is the private network and eth1 is the public
network.
Full-cone
iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source <public ip
goes here>
iptables -t nat -A PREROUTING -i eth0 -j DNAT --to-destination
<private ip goes here>
Restricted cone
iptables -t nat POSTROUTING -o eth1 -p tcp -j SNAT --to-source <public
ip goes here>
iptables -t nat POSTROUTING -o eth1 -p udp -j SNAT --to-source
<public ip goes here>
iptables -t nat PREROUTING -i eth1 -p tcp -j DNAT --to-destination
<private ip goes here>
iptables -t nat PREROUTING -i eth1 -p udp -j DNAT --to-destination
<private ip goes here>
iptables -A INPUT -i eth1 -p tcp -m state --state ESTABLISHED,RELATED -
j ACCEPT
iptables -A INPUT -i eth1 -p udp -m state --state ESTABLISHED,RELATED -
j ACCEPT
iptables -A INPUT -i eth1 -p tcp -m state --state NEW -j DROP
iptables -A INPUT -i eth1 -p udp -m state --state NEW -j DROP
Port-restricted cone
iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source <public ip
goes here>
Symmentric
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables --flush
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE --random
iptables -A FORWARD -i eth1 -o eth0 -m state --state
RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT
What I did : OpenSuse guest with Two Virtual adapters - eth0 and eth1
-- eth1 with address 10.0.3.15 /eth1:1 as 10.0.3.16 -- eth0 with
address 10.0.2.15
now running stund(
http://sourceforge.net/projects/stun/) client/
server :
Server
eKimchi@linux-6j9k:~/sw/stun/stund> ./server -v -h 10.0.3.15 -a
10.0.3.16
Client
eKimchi@linux-6j9k:~/sw/stun/stund> ./client -v 10.0.3.15 -i 10.0.2.15
On all Four Cases It is giving same results :
test I = 1 test II = 1 test III = 1 test I(2) = 1 is nat = 0 mapped IP
same = 1 hairpin = 1 preserver port = 1 Primary: Open Return value is
0x000001
Q-1 :Please let me know If any has ever done, It should behave like
NAT as per description but nowhere it working as a NAT.
Q-2: How NAT Implemented in Home routers (Usually Port Restricted),
but those also pre-configured iptables rules and tuned Linux
Q-3 : What is the Use of IP_Forwarding ? Is it required only when
network have two interfaces ?
Q-4: Is there any reasoning behind Virtual Interfaces ? that Ip -
Tables doesn't recognize Virtual Interface ?
Similar Threads
Linear Mode
