LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 08-03-2007, 09:28 AM   #1
fayax
LQ Newbie
 
Registered: Nov 2005
Posts: 15

Rep: Reputation: 0
Enable SNAT with IPTABLES on FC5


I have this setup on my FC5 machine.

WAN Interface (eth1)
IP: 10.12.69.3
Mask: 255.255.255.0
GW: 10.12.69.2


LAN Interface (eth0)
IP: 192.168.1.3
Mask: 255.255.255.0

I want to enable NAT with iptables on this machine. And to host service on port 25 and 110 where internet users can access the service.
I have enabled port forwarding on my router to 192.168.1.3

I greatly appreciate if anyone could help me with this.

Thanks in advance.
 
Old 08-03-2007, 10:05 AM   #2
artiomix
LQ Newbie
 
Registered: Apr 2007
Posts: 16

Rep: Reputation: 0
Try this iptables rule to enable NAT for 192.168.1.0 network:

iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE

make sure that 'nat' table is flushed (iptables -t nat -L) or flush it by command 'iptables -t nat -F'.

After NAT is enabled just put 192.168.1.3 as default gateway entry at 192.168.1.0 network subscribers' PCs.

Good luck!
 
Old 08-03-2007, 10:14 AM   #3
sckirklan
LQ Newbie
 
Registered: Aug 2007
Location: Kansas, USA
Distribution: Debian Etch, CentOS 5, Fedora Core 5 & 6, Fedora 7, Helix
Posts: 6

Rep: Reputation: 0
Does not your router already support masquerading if you're using privates on that email box?
 
Old 08-03-2007, 10:45 AM   #4
fayax
LQ Newbie
 
Registered: Nov 2005
Posts: 15

Original Poster
Rep: Reputation: 0
I want to create SNAT. Not masquerade.
 
Old 08-03-2007, 12:15 PM   #5
sckirklan
LQ Newbie
 
Registered: Aug 2007
Location: Kansas, USA
Distribution: Debian Etch, CentOS 5, Fedora Core 5 & 6, Fedora 7, Helix
Posts: 6

Rep: Reputation: 0
iptables -t nat -a POSTROUTING -o $WAN -j SNAT --to $WANIP

However, I suspect if your router is a masquerading to your private addressed server you've still more work ahead of yourself.
 
Old 08-03-2007, 03:31 PM   #6
fayax
LQ Newbie
 
Registered: Nov 2005
Posts: 15

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by sckirklan
iptables -t nat -a POSTROUTING -o $WAN -j SNAT --to $WANIP

However, I suspect if your router is a masquerading to your private addressed server you've still more work ahead of yourself.
What else do i need to do?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
IPTables snat help DukeLeto Linux - Networking 1 10-01-2006 11:49 AM
iptables port80 forward and snat pthegreat Linux - Security 5 01-16-2006 09:03 PM
iptables port80 forward and snat pthegreat Red Hat 1 01-13-2006 03:25 PM
IPTABLES DNAT SNAT Re-Addressing jccurtis Linux - Networking 1 01-03-2006 04:41 PM
IPtables: SNAT & Aliasing kegwell Linux - Security 2 01-05-2005 08:55 PM


All times are GMT -5. The time now is 11:15 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration