Real quick iptables question (I mean real quick)
Don't have a spare box to test, but our perimeter firewall is running U9.04 with iptables. We are moving a website to another network, and there are plenty of how-tos, but all are doing it on the box itself, not one step above. Meaning, the box the website is on is hosting other sites so can't say take all port 80 and do this, so I want to at the firewall level say move destination IP to here. The examples all show:
# iptables -t nat -D PREROUTING -p tcp --dport 80 -j DNAT --to-destination newip
# iptables -t nat -D POSTROUTING -p tcp -d newip --dport 80 -j MASQUERADE
Now I want to say the above, but since he has 60+ IPs going through him, can you throw a destination IP x.x.x.x or something? Basically I want to at the firewall level say, oh this is coming in for 1.1.1.1:80, masq that to 2.2.2.2:80
Thanks, w/o a box to test on I will do this live and hate doing stuff like this live on a box 60 miles away!
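An added example, not part of the original post: a dry-run helper that prints destination-scoped NAT rules instead of applying them, so they can be reviewed before touching a remote firewall. The function names `is_ipv4` and `dnat_rules` are hypothetical, 1.1.1.1 and 2.2.2.2 are the post's placeholders, and the rules use `-A` (append) with `-d` restricting the match to the single IP being moved.

```shell
#!/bin/sh
# Added example. Prints iptables commands; it does not run them.

# is_ipv4 ADDR: succeed only for a dotted quad with each octet in 0-255.
is_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split the address on dots
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# dnat_rules OLD_IP NEW_IP PORT: print the rules that redirect only traffic
# addressed to OLD_IP:PORT, leaving every other IP behind the firewall alone.
dnat_rules() {
    is_ipv4 "$1" && is_ipv4 "$2" || { echo "bad IPv4 address" >&2; return 1; }
    case "$3" in
        ''|*[!0-9]*) echo "bad port" >&2; return 1 ;;
    esac
    [ "$3" -ge 1 ] && [ "$3" -le 65535 ] || { echo "bad port" >&2; return 1; }
    # -d limits the DNAT match to the one destination IP being moved.
    echo "iptables -t nat -A PREROUTING -d $1 -p tcp --dport $3 -j DNAT --to-destination $2:$3"
    # Source-NAT the forwarded flow so replies return through this firewall.
    echo "iptables -t nat -A POSTROUTING -d $2 -p tcp --dport $3 -j MASQUERADE"
    # Assumption: the FORWARD chain already permits this traffic; with a
    # default-drop FORWARD policy, matching ACCEPT rules are also needed.
}

# The post's case: traffic for 1.1.1.1:80 goes to 2.2.2.2:80.
dnat_rules 1.1.1.1 2.2.2.2 80
```

Saving the running ruleset with `iptables-save` before applying the printed commands leaves a file that `iptables-restore` can load to roll back.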