LinuxQuestions.org


laurens 08-04-2009 06:01 PM

General Question IPTABLES with DHCP
 
On my gateway 192.168.0.1 I have the following configuration for my network interfaces
Code:

debian1:/home# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:0c:29:3a:64:49
          inet addr:192.168.126.128  Bcast:192.168.126.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe3a:6449/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:48240 errors:0 dropped:0 overruns:0 frame:0
          TX packets:21633 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:60015843 (57.2 MiB)  TX bytes:1623577 (1.5 MiB)
          Interrupt:19 Base address:0x2000

eth1      Link encap:Ethernet  HWaddr 00:0c:29:3a:64:53
          inet addr:192.168.0.1  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe3a:6453/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:24433 errors:0 dropped:0 overruns:0 frame:0
          TX packets:44292 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:2138382 (2.0 MiB)  TX bytes:53612898 (51.1 MiB)
          Interrupt:19 Base address:0x2080

eth2      Link encap:Ethernet  HWaddr 00:0c:29:3a:64:5d
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe3a:645d/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:5017 errors:0 dropped:0 overruns:0 frame:0
          TX packets:62 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:582408 (568.7 KiB)  TX bytes:3036 (2.9 KiB)
          Interrupt:16 Base address:0x2400

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:67 errors:0 dropped:0 overruns:0 frame:0
          TX packets:67 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:19932 (19.4 KiB)  TX bytes:19932 (19.4 KiB)

Now, I never really understood if IPTABLES works as well with DHCP on one of the adapters.

E.g. first, situation 1, where eth1 (connected to internet) has a static IP address, 172.23.81.248
Code:

# Natting
iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to 172.23.81.248

Situation 2: when you don't have a static IP but a DHCP IP, can you replace the IP address simply with the interface (here eth1)?!
Code:

# Natting
iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to eth1

If so, is this the best method?

Thanks in advance for clarifying!

laurens 08-05-2009 01:45 AM

No one?

fotoguy 08-05-2009 04:35 AM

If your internet interface is using DHCP then you use masquerading instead of snat.

Quote:

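# Load the MASQUERADE target module
/sbin/modprobe ipt_MASQUERADE
# Enable kernel support for dynamic (changing) interface addresses
echo "1" > /proc/sys/net/ipv4/ip_dynaddr
# Rewrite the source of traffic leaving eth0 to eth0's current address
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE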

laurens 08-05-2009 05:43 AM

Quote:

Originally Posted by fotoguy (Post 3632006)
If your internet interface is using DHCP then you use masquerading instead of snat.

Seems logical, thanks! But, anyway, it is possible to use IPTABLES with their interface id like "from eth0 -to- eth1" (hypothetical)
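
The two cases in this thread (SNAT for a static address, MASQUERADE for a DHCP one), together with interface-based matching via iptables' `-i`/`-o` options, as an added example that is not part of any poster's message. The function names `nat_ruleset` and `is_ipv4` are hypothetical, eth0 as the outbound interface follows the thread's commands, and the FORWARD policy shown is an assumption about what the gateway should allow.

```shell
#!/bin/sh
# Added example (not from the thread): print an iptables-restore ruleset
# for a NAT gateway. Interface names and address are caller-supplied.

# is_ipv4 ADDR: succeed only for a dotted quad with each octet 0-255.
# Runs in a subshell so the IFS change stays local.
is_ipv4() (
    case "$1" in
        *[!0-9.]*|*..*|.*|*.|'') exit 1 ;;
    esac
    IFS=.; set -- $1
    [ "$#" -eq 4 ] || exit 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || exit 1
    done
)

# nat_ruleset WAN LAN [STATIC_IP]: emit the ruleset on stdout.
# With STATIC_IP: SNAT to that fixed address.
# Without it: MASQUERADE, which follows WAN's current (DHCP) address.
nat_ruleset() {
    wan=$1 lan=$2 addr=${3:-}
    [ -n "$wan" ] && [ -n "$lan" ] || {
        echo "usage: nat_ruleset WAN LAN [STATIC_IP]" >&2; return 2; }
    if [ -n "$addr" ]; then
        # SNAT takes an address; an interface name such as "eth1" is refused.
        is_ipv4 "$addr" || {
            echo "SNAT needs an IPv4 address, got '$addr'" >&2; return 1; }
        nat_rule="-A POSTROUTING -o $wan -j SNAT --to-source $addr"
    else
        nat_rule="-A POSTROUTING -o $wan -j MASQUERADE"
    fi
    cat <<EOF
*nat
:POSTROUTING ACCEPT [0:0]
$nat_rule
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -i $lan -o $wan -j ACCEPT
-A FORWARD -i $wan -o $lan -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}
```

Piping the output to `iptables-restore` as root applies it; by default that replaces the existing rules in the nat and filter tables, so review the text first.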

