LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 08-04-2009, 07:01 PM   #1
laurens
Member
 
Registered: Mar 2009
Posts: 65

Rep: Reputation: 15
General Question IPTABLES with DHCP


On my gateway 192.168.0.1 I have the following configuration for my network interfaces
Code:
debian1:/home# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:0c:29:3a:64:49
          inet addr:192.168.126.128  Bcast:192.168.126.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe3a:6449/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:48240 errors:0 dropped:0 overruns:0 frame:0
          TX packets:21633 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:60015843 (57.2 MiB)  TX bytes:1623577 (1.5 MiB)
          Interrupt:19 Base address:0x2000

eth1      Link encap:Ethernet  HWaddr 00:0c:29:3a:64:53
          inet addr:192.168.0.1  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe3a:6453/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:24433 errors:0 dropped:0 overruns:0 frame:0
          TX packets:44292 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:2138382 (2.0 MiB)  TX bytes:53612898 (51.1 MiB)
          Interrupt:19 Base address:0x2080

eth2      Link encap:Ethernet  HWaddr 00:0c:29:3a:64:5d
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe3a:645d/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:5017 errors:0 dropped:0 overruns:0 frame:0
          TX packets:62 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:582408 (568.7 KiB)  TX bytes:3036 (2.9 KiB)
          Interrupt:16 Base address:0x2400

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:67 errors:0 dropped:0 overruns:0 frame:0
          TX packets:67 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:19932 (19.4 KiB)  TX bytes:19932 (19.4 KiB)
Now, I never really understood if IPTABLES works as good with DHCP on one of the adapters.

E.g. First, situation1 where eth1 (connected to internet) has a static IP address, 172.23.81.248
Code:
# Natting
iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to 172.23.81.248
Situation2: when you don't have a static IP but a DHCP IP, can you replace the IP address -simply- with the interface (here eth1) ?!
Code:
# Natting
iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to eth1
If so, is this the best method?

Thanks a advance for clarifying !
 
Old 08-05-2009, 02:45 AM   #2
laurens
Member
 
Registered: Mar 2009
Posts: 65

Original Poster
Rep: Reputation: 15
No one ?
 
Old 08-05-2009, 05:35 AM   #3
fotoguy
Senior Member
 
Registered: Mar 2003
Location: Brisbane Queensland Australia
Distribution: KirraMail Live Email Server
Posts: 1,285

Rep: Reputation: 61
If your internet interface is using DHCP then you use masquerading instead of snat.

Quote:
/sbin/modprobe ipt_MASQUERADE
echo "1" > /proc/sys/net/ipv4/ip_dynaddr
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
 
Old 08-05-2009, 06:43 AM   #4
laurens
Member
 
Registered: Mar 2009
Posts: 65

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by fotoguy View Post
If your internet interface is using DHCP then you use masquerading instead of snat.
Seems logical, thanks! But, anyway, it is possible use IPTABLES with their interface id like "from eth0 -to- eth1" (hypothetical)
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Iptables and DHCP maas187 Linux - Security 2 11-01-2008 12:46 AM
dhcp and iptables toombs Linux - Security 8 02-10-2007 03:33 AM
Iptables + DHCP kemplej Linux - Security 1 09-18-2004 02:05 AM
iptables general question blackzone Linux - Networking 1 07-23-2004 02:11 PM
DHCP Iptables rob_roman23 Linux - Networking 2 09-05-2002 12:52 PM


All times are GMT -5. The time now is 11:03 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration