Thread: setting up NAT using iptables...

  1. #1
    vasanth

    setting up NAT using iptables...

    OK, here is my situation...

    I have a Linux server running Gentoo with two network interface cards connected to 2 different networks....

    Let's say that the two cards have the IPs 132.0.0.1 and 93.0.0.1, and I have a machine on each of the two networks with, say, IPs 93.0.0.2 and 132.0.0.2.

    Now 93.0.0.2 is running a server application on port 2000. I need the machine 132.0.0.2 to access this service through the Linux machine......

    It's fine if the server thinks that the client is the Linux machine and the client thinks that the Linux machine is the server.... I need the Linux machine to do some kind of reverse NAT... Someone told me that I could do this through iptables, but I am quite new to Linux and have no idea how to do this. Can someone show me how I can configure iptables to do this (with commands, please)?

    And it's TCP packets which need to be forwarded, and I have root permission on the Linux machine... and I can't change the network configuration...

    Thanks in advance

  2. #2
    CornedBee
    I don't quite see the problem, unless you have the system set up to disallow generic routing.

    Ok, just a few abbreviations. loc1 is the 132.* network, loc2 the 93.*. rout is the server that connects both, serv is 132.0.0.2 and clie is 93.0.0.2.

    Basically, if you do a
    telnet serv 2000
    on clie, it should contact successfully, and the default routing function of rout should take care of everything.

    Ok, what if clie is not aware of loc1...
    Basically, this rule (shorewall format, shouldn't be too hard to translate to an iptables call) should automatically route all requests to rout's port 2000 to serv:
    action  from  to              protocol  port
    DNAT    loc2  loc1:132.0.0.2  tcp       2000

    If that doesn't solve your problem, I need a better description.
    All the buzzt!
    CornedBee

    "There is not now, nor has there ever been, nor will there ever be, any programming language in which it is the least bit difficult to write bad code."
    - Flon's Law

  3. #3
    vasanth
    OK, they are two completely different networks with independent DHCP servers.... Now the Linux machine I am speaking about has access to both these networks through the 2 NIC cards it has..... but other than this the 2 networks have no link.... so I want to use this machine as a bridge or something which will allow me to communicate between the two networks (actually I just need to access a server on the other network)...

  4. #4
    CornedBee
    Can't you tell both DHCP servers to tell the machines to use the linux machine as gateway? Then have the linux machine use whatever computer connects to the internet as gateway.

    Are they both non-routable networks? (192.168.* and another block)

  5. #5
    vasanth
    Well, I can do anything with the DHCP server and stuff. One network has around 200 PCs (not connected to any outside network for security reasons) and the other network has around 800 PCs....... so reconfiguring anything other than the Linux box is not in my hands..

  6. #6
    CornedBee
    Then you'll need someone more knowledgeable than me.

  7. #7
    vasanth
    Thanks anyway... solved it.. just had to set up some iptables rules to enable port forwarding.. works now..
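
Added example, not part of any post in this thread: the rules that worked were never posted, so this is one rule set that matches the setup in post #1, with DNAT so the client only talks to the Linux box and SNAT so the server only sees the Linux box. The addresses are the thread's; pinning the source to the single client and defaulting FORWARD to DROP are assumptions chosen to keep the otherwise isolated networks isolated.

```shell
#!/bin/sh
# Added example (assumed rule set): forward TCP port 2000 through the dual-homed box.
ROUTER_CLIENT_SIDE=132.0.0.1   # Linux box NIC on the client's network
ROUTER_SERVER_SIDE=93.0.0.1    # Linux box NIC on the server's network
SERVER=93.0.0.2                # runs the service on port 2000
CLIENT=132.0.0.2               # the only host allowed through (assumption)
PORT=2000

# Emit the commands rather than run them, so they can be reviewed first.
nat_rules() {
    cat <<EOF
sysctl -w net.ipv4.ip_forward=1
iptables -P FORWARD DROP
iptables -t nat -A PREROUTING -s $CLIENT -d $ROUTER_CLIENT_SIDE -p tcp --dport $PORT -j DNAT --to-destination $SERVER:$PORT
iptables -t nat -A POSTROUTING -d $SERVER -p tcp --dport $PORT -j SNAT --to-source $ROUTER_SERVER_SIDE
iptables -A FORWARD -s $CLIENT -d $SERVER -p tcp --dport $PORT -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
iptables -A FORWARD -s $SERVER -d $CLIENT -p tcp --sport $PORT -m conntrack --ctstate ESTABLISHED -j ACCEPT
EOF
}
# What each line does:
#  ip_forward   the kernel will not route between the two NICs without it
#  -P DROP      nothing crosses between the networks except the flow below
#  PREROUTING   client connects to 132.0.0.1:2000; destination becomes the server
#  POSTROUTING  source becomes 93.0.0.1, so the server replies to the Linux box
#               and needs no route back to the 132.* network
#  FORWARD      in this chain the packet already has its rewritten destination
#               and still has its original source, hence CLIENT -> SERVER;
#               replies are de-NATed by conntrack and appear as SERVER -> CLIENT

# Dry run by default; APPLY=1 (as root) executes the commands.
if [ "${APPLY:-0}" = 1 ]; then
    nat_rules | sh -e
else
    nat_rules
fi
```

After applying, `iptables -t nat -L -n -v` shows per-rule packet counters, which confirms whether the client's connection is hitting the DNAT and SNAT rules.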
