Hello all,

I want to DNAT some machines in another subnet. The target machines have IPs like 11.0.0.x/24. My available LAN IPs are 172.239.239.x/27 (255.255.255.224).

These are my rules, which are apparently not working. I created virtual interfaces on eth1, one for each DNAT'ed IP. What am I missing? Forget about normal tables stuff, I only want this machine to do DNAT.

Thx,

INET_IP="172.25.239.208"
INET_IFACE="eth1"
INET_BROADCAST="172.25.239.223"
LAN_IP="11.0.0.1"
LAN_IP_RANGE="11.0.0.0/24"
LAN_IFACE="eth0"
LO_IFACE="lo"
LO_IP="127.0.0.1"
IPTABLES="/sbin/iptables"

echo "1" > /proc/sys/net/ipv4/ip_forward

$IPTABLES --flush
$IPTABLES --table nat --flush
$IPTABLES --delete-chain
$IPTABLES --table nat --delete-chain

$IPTABLES -t nat -A POSTROUTING -o $INET_IFACE -j SNAT --to-source $INET_IP
$IPTABLES -A FORWARD -i $LAN_IFACE -j ACCEPT
$IPTABLES -t nat -A PREROUTING -d 172.25.239.220/255.255.255.224 -j DNAT --to 11.0.0.9
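An added example, not part of the original post: the PREROUTING rule above matches on `-d 172.25.239.220/255.255.255.224`, and iptables applies the mask to the address, so the match covers the whole /27 rather than the single alias IP. The sketch below computes the range such a match covers and prints host-specific (/32) DNAT rules instead of running iptables; the helper names are hypothetical and the second address pair is constructed for illustration.

```shell
#!/bin/sh
# Added example: prints rule text only, never calls iptables.

# ip_to_int A.B.C.D -> 32-bit integer (subshell body keeps IFS change local)
ip_to_int() (
    IFS=.
    set -- $1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# int_to_ip N -> dotted quad
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# match_range ADDR MASK -> "first-last" of destinations a "-d ADDR/MASK" match covers
match_range() {
    a=$(ip_to_int "$1")
    m=$(ip_to_int "$2")
    first=$(( a & m ))                         # mask is applied to the address
    last=$(( first | (~m & 4294967295) ))      # host bits all set
    echo "$(int_to_ip "$first")-$(int_to_ip "$last")"
}

# dnat_rule EXT INT -> one DNAT rule that matches exactly one destination
dnat_rule() {
    echo "iptables -t nat -A PREROUTING -d $1/32 -j DNAT --to-destination $2"
}

# Range covered by the match in the posted rule (includes INET_IP .208)
echo "posted match covers: $(match_range 172.25.239.220 255.255.255.224)"

# One rule per alias IP. The first pair is from the post; the second is constructed.
while read -r ext int; do
    dnat_rule "$ext" "$int"
done <<EOF
172.25.239.220 11.0.0.9
172.25.239.221 11.0.0.10
EOF
```

With the /27 mask the match spans 172.25.239.192 to 172.25.239.223, so traffic addressed to any host in that range, including the gateway's own 172.25.239.208, would be rewritten to 11.0.0.9.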