Hi,
I have a RHEL 5.0 server acting as a network router which has 4 NICs:
NIC1: 10.1.1.1
NIC2: LIVE IP XXX.YYY.199.1 (XXX.YYY.199.0/24)
NIC3: 192.168.0.1 (connects to the LOCAL LAN PROXYs)
NIC4: 192.168.15.1 (connects to all servers that are DNATed to a LIVE IP from this server, and it works fine)
ALL the ports are MASQUERADED through NIC1 to the INTERNET.
Now I have a LAN PROXY which itself runs a network behind it,
i.e. a RHEL5 server with 2 NICs:
NIC1: 192.168.0.2, having gateway as 192.168.0.1
NIC2: 192.168.10.1, connects to the local LAN
I have a Windows webserver running on port 80 at IP 192.168.10.8, having the gateway as 192.168.10.1.
Is it possible to DNAT a live IP XXX.YYY.199.8 to this WINDOWS WEBSERVER (192.168.10.8) on port 80?
Sanjib Gupta
Assuming NIC2 = eth1; also, it must be before any drop rules.
It's plain that, according to your exposed layout, the *ONLY* server that manages live IPs is the "router" (the host with 4 NICs), so putting that rule anywhere else, if ever accepted by iptables, is a wrong assumption, and that's why it should be in this router.
But there's a little "typo" in the iptables rule, because that's for https (port 443), and you want only port 80, so confirm the right NIC and replace the --dport 443 with --dport 80 and it should be fine. Then, don't forget that the rule has to be loaded with the rest of the rules after a reboot.
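The router-side setup this reply describes, as an added example (not the rule posted in the thread, which does not appear on this page): the port-80 DNAT plus the route and FORWARD rules it depends on, inserted at position 1 so they sit ahead of any drop rules. Assumptions: NIC3 is `eth2`, the live IP is already answered on NIC2 as for the working DNATs, and `XXX.YYY.199.8` is the masked address from the question.

```shell
#!/bin/sh
# Added example: commands for the 4-NIC router only. Dry run unless APPLY=1.
# Assumptions (not from the thread): eth2 is NIC3 (192.168.0.1); the live IP
# is already bound or otherwise answered on NIC2, like the existing DNAT IPs.
WAN_IF="${WAN_IF:-eth1}"              # NIC2, per the reply's "NIC2 = eth1"
PROXY_IF="${PROXY_IF:-eth2}"          # NIC3, assumed interface name
LIVE_IP="${LIVE_IP:-XXX.YYY.199.8}"   # placeholder, masked as in the question
WEB_IP="${WEB_IP:-192.168.10.8}"      # Windows webserver behind the LAN proxy
PROXY_GW="${PROXY_GW:-192.168.0.2}"   # LAN proxy's address on the router side
WEB_NET="${WEB_NET:-192.168.10.0/24}" # network behind the LAN proxy

# Print the commands that forward one TCP port; reject a non-numeric or
# out-of-range port so a typo never becomes a live rule.
dnat_rules() {
    port="$1"
    case "$port" in ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;; esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "bad port: $port" >&2; return 1; }
    cat <<EOF
ip route replace $WEB_NET via $PROXY_GW dev $PROXY_IF
iptables -t nat -I PREROUTING 1 -i $WAN_IF -d $LIVE_IP -p tcp --dport $port -j DNAT --to-destination $WEB_IP:$port
iptables -I FORWARD 1 -i $WAN_IF -o $PROXY_IF -d $WEB_IP -p tcp --dport $port -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -I FORWARD 1 -i $PROXY_IF -o $WAN_IF -s $WEB_IP -p tcp --sport $port -m state --state ESTABLISHED,RELATED -j ACCEPT
EOF
}

# Port 80 only, as the reply says (not 443).
if [ "${APPLY:-0}" = 1 ]; then
    dnat_rules 80 | sh -e     # needs root on the router
else
    dnat_rules 80             # review the commands first
fi
```

The LAN proxy (192.168.0.2) must also have IP forwarding enabled and a FORWARD policy that lets traffic for 192.168.10.8 port 80 through; the DNAT itself stays on the router.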