RE: Linux NAT questions

From: Michel Wilson (michel@procyon14.yi.org)
Date: Wed May 02 2001 - 04:12:57 EST


> what I am trying to do is this. I have a genuine network, say 1.1.1.x, and
> my Linux host is on it, as 1.1.1.252 (eth0). I also have a second
> network at
> the back of the Linux box, 192.168.200.x, and a web server on
> that network,
> 192.168.200.2. The Linux address is 192.168.200.1 on eth1.
>
> What I want to do is make the web server appear on the 1.1.1.x network as
> 1.1.1.160. I have done this before with Firewall-1 on NT, by
> putting an arp
> entry for 1.1.1.160 to point to the Linux machine eth0. The packets get
> redirected into the Linux machine, then translated, and then routed out of
> eth1.
>
> The benefit is that there is no routing change to the 1.1.1.x network, and
> the Linux box isn't even seen as a router.
>
> I would appreciate any help with this. Any command to do this?
>
> Chee Tong
This isn't really a kernel question. I think you'd better ask it on some
linux network list/newsgroup. But here's an answer anyway....

You could add 1.1.1.160 to eth0:
   ip addr add 1.1.1.160 dev eth0
and then use NAT to redirect these to the webserver:
   iptables -t nat -A PREROUTING -p tcp --dst 1.1.1.160 -i eth1 -j
DNAT --to-destination 192.168.200.2

This should work, AFAIK, but i didn't try it myself. You could also try to
use the arp command (see 'man arp'), but i don't know exactly how that
works.

Good luck!

Michel Wilson.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Mon May 07 2001 - 21:00:12 EST