[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: NAT and Masquerading
On Thu, 11 Mar 1999, Semion Lisyansky wrote:
SL>well, theese are not unices, actually part of them even not computers
nice :)
SL>Ok, that's more or less what I'm doing. Somehow I've reached about
SL>6-8 rule records per host/port - input/output/forward chains, static NAT
SL>rules, aliasing record.
But you write that you have a problems - which?
SL>/sbin/ifconfig eth1:1 <virtual address>
SL>/sbin/ipnatadm -O -i -W eth1 -S <internal host> -M <virtual address>
SL>/sbin/ipnatadm -I -i -W eth1 -D <virtual address> -N <internal host>
ipnatadm have not an -b (bidirect rule) option?
SL>/sbin/ipchains -A forward -i eth1 -s <internal host> -j ACCEPT
SL>/sbin/ipchains -A forward -i eth0 -d <internal host> -j ACCEPT
SL>... some ipchains input/output allow/deny rules..
SL>......
SL>/sbin/ipchains -A forward -i eth1 -j MASQ # for all other hosts
and...?
What exactly you can not achieve?
--
Vadim Smelyansky (AKA Proglot) cellular:+972-53-876933
Wide Networking Solutions Ltd., Yokneam, 20692, Israel