LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 12-01-2006, 03:49 PM   #1
cashton2k
Member
 
Registered: May 2004
Posts: 46

Rep: Reputation: 15
iptablies questions


hi, could someone check that im understanding these iptables commands properly?

(eth0 external interface)

firstly

iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j DNAT --to-destination 192.168.100.1

is this a form of port address translation which will send all incoming packets on port 80 to machine 192.168.100.1?

secondly


whats the diff between these 2 commands? i dont totally get masquerade

iptables -A POSTROUTING -t nat -s 192.168.0.0/16 -o eth0 -j SNAT --to-source 192.168.0.254


iptables -A POSTROUTING -t nat -s 192.168.0.0/16 -o eth0 -j MASQUERADE

cheers for any help
 
Old 12-01-2006, 03:57 PM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974
yeah your first command looks fine, and as for the difference, it's more a convenience really. masquarading just means to forward the packet on addressed from that interface, rather than having to specify an actual ip address. if you change the ip of the box, the address the masq entry uses will implictly change too. there are many scenarios you'd want to nat to a certain ip address, but it's a lot simpler to just say "snat it to me" whoever you actually are.
 
Old 12-01-2006, 04:39 PM   #3
cashton2k
Member
 
Registered: May 2004
Posts: 46

Original Poster
Rep: Reputation: 15
cheers for the help, i understand it more now cheers,

just one final quick question, whats the differance between port address translation and port forwarding?

cheers
 
Old 12-02-2006, 03:50 AM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974
forwarding sends a request to another box, port translation changes the port being connected to (and potentially forwarding too)
 
Old 12-02-2006, 12:25 PM   #5
cashton2k
Member
 
Registered: May 2004
Posts: 46

Original Poster
Rep: Reputation: 15
ah cool i get it now, cheers for the help again

ta
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
basic questions on hostname and domain name + related postfix questions Moebius Linux - Newbie 7 09-04-2007 12:50 PM
Solaris - Questions! Questions! Questions! qs_tahmeed Solaris / OpenSolaris 2 07-16-2005 06:27 AM
window manager questions and/or theme questions t3gah Linux - Software 2 02-27-2005 05:16 PM
two questions Xerop Linux - Hardware 7 05-20-2004 12:01 PM
Questions excaliber Slackware 14 07-12-2003 03:57 PM


All times are GMT -5. The time now is 06:43 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration