All of lore.kernel.org
 help / color / mirror / Atom feed
From: Chris Wilson <chris@netservers.co.uk>
To: "Gonzalez, Federico" <fgonzalez@goyaike.com>
Cc: Rio Martin <rio@martin.mu>, Netfilter <netfilter@lists.netfilter.org>
Subject: Re: DNAT question..
Date: Thu, 24 Jul 2003 15:15:10 +0100 (BST)	[thread overview]
Message-ID: <Pine.LNX.4.44.0307241510310.20694-100000@localhost> (raw)
In-Reply-To: <3F1FDDFB.469242E1@goyaike.com>

Hi Federico,

>    I think the problem is in the destination IP address, you have to use the
> external IP, so i think the rule should be:
> 
> iptables -t nat -A POSTROUTING -p tcp -s 192.168.1.0/24 -d 211.1.1.10
>    --dport 80 -j SNAT --to 192.168.1.1

I don't think that's true in this case. As far as I know, after the
destination address has been rewritten in PREROUTING, all subsequent hooks
(FORWARD and POSTROUTING) will see the new destination address, not the
original. But please correct me if I'm wrong.

[By the way, you sent your reply to me, not to Rio or the Netfilter list.]

Cheers, Chris.
-- 
   ___ __     _
 / __// / ,__(_)_  | Chris Wilson -- UNIX Firewall Lead Developer |
/ (_ / ,\/ _/ /_ \ | NetServers.co.uk http://www.netservers.co.uk |
\ _//_/_/_//_/___/ | 21 Signet Court, Cambridge, UK. 01223 576516 |




       reply	other threads:[~2003-07-24 14:15 UTC|newest]

Thread overview: 21+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <3F1FDDFB.469242E1@goyaike.com>
2003-07-24 14:15 ` Chris Wilson [this message]
2003-07-25  2:41   ` DNAT question Rio Martin.
2006-02-14 20:48 dnat question James Edward Stickland
2006-02-15  0:23 ` Edmundo Carmona
  -- strict thread matches above, loose matches on Subject: below --
2005-10-07  3:32 Gene Dellinger
2004-06-14 17:05 DNAT question Arnauts, Bert
2004-06-14 14:35 Arnauts, Bert
2004-06-14 14:51 ` Antony Stone
2004-06-14 15:12 ` John A. Sullivan III
2004-06-15 11:40 ` John A. Sullivan III
2004-03-12  2:14 Old Cowhand
2004-02-23 21:23 dnat question John Black
2004-02-24  4:18 ` John A. Sullivan III
2004-02-25 15:48   ` Antony Stone
2004-02-24  8:56 ` Antony Stone
2003-07-24  7:00 DNAT question Rio Martin.
2003-07-24  8:29 ` Philip Craig
2003-07-24  8:56   ` Rio Martin.
2003-07-24  9:42     ` Chris Wilson
2003-07-24 13:37       ` Gonzalez, Federico
2003-07-24 14:16         ` Cedric Blancher

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=Pine.LNX.4.44.0307241510310.20694-100000@localhost \
    --to=chris@netservers.co.uk \
    --cc=fgonzalez@goyaike.com \
    --cc=netfilter@lists.netfilter.org \
    --cc=rio@martin.mu \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.