Can I IP MASQUERADE as more than one address?
Is it possible to IP masquerade different hosts on the "internal" network
as different addresses on the "external" network?
I currently have a common configuration like this.
............ gateway box
DSL------>eth1 eth0<-------internal 192.168.1.0 network.
I have IP masquerade with a static DSL address and everything works fine.
Been doing it for years.
I would like to do this:
.................... gateway box
DSL x.y.z.1 ----->eth1 eth0<---------internal 192.168.1.0 network
DSL x.y.z.2 ----->eth1:0
eth1:0 set up with alias
I want all boxes except 192.168.1.8 to be masqueraded as x.y.z.1 and
192.168.1.8 to be masqueraded as x.y.z.2.
I set up the following IPTABLES rules...
iptables -A FORWARD -i eth1 -o eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT
iptables -A FORWARD -i eth1:0 -o eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i eth0 -o eth1:0 -j ACCEPT
iptables -t nat -A POSTROUTING -s 192.168.1.8 -o eth1:0 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.1.18 -o eth1 -j MASQUERADE
IP MASQUERADE for 192.168.1.18 is working fine. For now there are only 2 boxes
on the internal network so to keep things simple I just put the rule in for 18
only. But 192.168.1.8 will not work. This box was working OK before when I
was just doing the simple masquerading for all boxes on the internal network.
Is what I am trying to do possible? I would think it should be.
I guess I am doing something wrong but haven't figured it out yet.
Last edited by PeteRossi; 05-05-2006 at 06:29 PM.
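
One way to give each internal host its own external address, as an added example that is not part of the original post: iptables matches real devices rather than alias labels such as eth1:0, and MASQUERADE always takes the outgoing interface's primary address, so the script below prints SNAT rules with an explicit --to-source on eth1. The function name emit_nat_rules and the 203.0.113.x addresses (standing in for x.y.z.1 and x.y.z.2) are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post). Prints iptables commands for
# per-host source NAT; review the output, then pipe it to sh as root.
# 203.0.113.x are constructed documentation addresses standing in for
# the post's x.y.z.1 and x.y.z.2.

# emit_nat_rules EXT_IF INT_NET DEFAULT_ADDR [HOST=ADDR ...]
emit_nat_rules() {
    ext_if=$1; int_net=$2; default_addr=$3
    shift 3

    # Netfilter matches real devices only; "eth1:0" is an address label,
    # so a rule with -o eth1:0 never sees a packet.
    case $ext_if in
        *:*) echo "error: $ext_if is an alias label, use the parent device" >&2
             return 1 ;;
    esac

    # Host-specific rules go first: POSTROUTING stops at the first match.
    for pair in "$@"; do
        host=${pair%%=*}
        addr=${pair#*=}
        if [ "$host" = "$pair" ] || [ -z "$host" ] || [ -z "$addr" ]; then
            echo "error: expected HOST=ADDR, got '$pair'" >&2
            return 1
        fi
        echo "iptables -t nat -A POSTROUTING -s $host -o $ext_if -j SNAT --to-source $addr"
    done

    # Everything else on the internal network leaves as the default address.
    echo "iptables -t nat -A POSTROUTING -s $int_net -o $ext_if -j SNAT --to-source $default_addr"
}

# The layout from the post: 192.168.1.8 leaves as the second address.
emit_nat_rules eth1 192.168.1.0/24 203.0.113.1 192.168.1.8=203.0.113.2
```

The second address still has to be configured on eth1 so that replies addressed to it reach the gateway.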