On Wed, 22 Mar 2000, Andre Pang wrote:
[snip]
> Users should also understand that IP Masquerading will only work out a
> physical interface such as eth0, eth1, etc. MASQing out an aliased interface
> such as "eth0:1, eth1:1, etc" will NOT work. In other words, the following
> WILL NOT WORK:
>
> /sbin/ipfwadm -F -a m -W eth0:1 -S 192.168.0.0/24 -D 0.0.0.0/0
> /sbin/ipchains -A forward -i eth0:1 -s 192.168.0.0/24 -j MASQ"
>
> what you're looking for is something called 'static NAT'. netfilter
> (ie: the 2.3/2.4 kernels) support this, IIRC. unfortunately i don't think
> there's a solution for 2.2.x, unless somebody else interjects here..
The fast nat code in 2.2 does static NAT just fine. Since the docs are
thin here is a config from around here: (outside adress premangled for
posting)
#Translate 10.10.72.1<->166.123.16.129
/sbin/ip rule add from 10.10.72.1 nat 166.123.16.129 table main
/sbin/ip route add nat 166.123.16.129 via 10.10.72.1 table local
It can also do ranged static nat, and other strange things.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu Mar 23 2000 - 21:00:36 EST