HELP ON LINUX-2.2.4 and IPROUTE2 AGAIN

Sylvain FAVRE (sfavre@bil.fr)
Fri, 23 Apr 1999 11:02:31 +0200


This is a multi-part message in MIME format.
--------------87D7859055AE495656DCF544
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Do someone improved fast NAT on more than two interfaces ?

I try to do static nat on internet , I have two privates networks , one
DMZ , one internet access.

When I define the NAT rule , I have one problem

when the packet comes from the dmz , they are translate for all
interfaces . But I only want translate on internet interface. But when
the packet are going to the DMZ , only internet packets are translate.

I try two definitions :

ip rule add from XX.XX.XX.XX nat YY.YY.YY.YY table main
ip route add nat YY.YY.YY.YY via XX.XX.XX.XX table local

or

ip rule add dev eth0 from XX.XX.XX.XX nat YY.YY.YY.YY table main
ip route add nat YY.YY.YY.YY via XX.XX.XX.XX table local

where XX.XX.XX.XX is my adress on the DMZ and YY.YY.YY.YY is my adress
on internet.

Can someone help me ?

--
-----------------------------------------------
Sylvain FAVRE           sfavre@bil.fr
                        sfavre@club-internet.fr

--------------87D7859055AE495656DCF544 Content-Type: text/x-vcard; charset=us-ascii; name="sfavre.vcf" Content-Transfer-Encoding: 7bit Content-Description: Card for Sylvain FAVRE Content-Disposition: attachment; filename="sfavre.vcf"

begin:vcard n:FAVRE;Sylvain tel;cell:06-61-12-94-57 x-mozilla-html:TRUE adr:;;;;;; version:2.1 email;internet:sfavre@bil.fr x-mozilla-cpt:;-19392 fn:Sylvain FAVRE end:vcard

--------------87D7859055AE495656DCF544--

- To unsubscribe from this list: send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.rutgers.edu