Hi,

Thanks for all the responses! Special thanks to Magic Phibo, Steve Krause.

For the NAT on Linux, basically, you can use:

1. nat-static-2.2.4.tar.gz (get it from http://www.csn.tu-chemnitz.de/HyperNews/get/linux-ip-nat.html)
2. iptables on Linux with kernel 2.4
3. ipfilter with Linux kernel 2.0.x or OpenBSD (have not tried this one)

The tricky thing is that after you configure the NAT, you must add another static routing entry on your internal network.

Cheers,
carl

------------- Begin Forwarded Message -------------

Date: Wed, 6 Dec 2000 18:01:10 -0500 (EST)
From: Carl Ma <[EMAIL PROTECTED]>
Subject: NAT solution on Linux(RH)
To: [EMAIL PROTECTED]

Dear all,

I am looking for a NAT solution on Linux (RedHat 6.2). What I hope to do is static NAT as follows:

    Office network         gateway machine         database servers network
    129.158.166.0/23 ---|                   |------ 10.100.1.0/24 -- server 1
                        |                   |
                       eth0                eth1
                  129.158.166.1         10.100.1.2
                      eth0:0
                  129.158.166.2

server 1 - one of the database servers in the "database servers network"; its IP is 10.100.1.10.
gateway machine - Linux 6.2 (kernel 2.4-test11 with Netfilter & NAT support)

I hope users can talk to the database server from the office network. So I did the alias on eth0 and want to do the NAT from 129.158.166.2 to 10.100.1.10. What I did is use iptables as follows:

    #iptables -P INPUT ACCEPT
    #iptables -P OUTPUT ACCEPT
    #iptables -P FORWARD ACCEPT
    #iptables -t nat -A PREROUTING -i eth0 -p tcp -d 129.158.166.2 --dport 23 -j DNAT --to 10.100.1.10:23    <= test the telnet

After that I telnet to 129.158.166.2 from the office, and the telnet session just hangs. I used "tcpdump" to check eth0 and eth1. Both have packages flowing. I do not know what is wrong with my iptables configuration, and is there any other better NAT solution on Linux?

Appreciate any suggestions!

carl

------------- End Forwarded Message -------------
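The setup discussed in this thread as a dry-run script, added here as an example and not part of the original messages: the DNAT rule from the forwarded message, a FORWARD policy narrowed to the translated flow instead of ACCEPT for everything, and the return route on server 1. The exact form of the route, the helper names and the `APPLY` switch are assumptions; the message only says that a static routing entry is needed on the internal network.

```shell
#!/bin/sh
# Addresses and interfaces are taken from the diagram in the forwarded message.
PUB_IP=129.158.166.2        # eth0:0 alias on the gateway
SRV_IP=10.100.1.10          # server 1
GW_INSIDE=10.100.1.2        # gateway eth1
OFFICE_NET=129.158.166.0/23
PORT=23                     # telnet, the service used for the test in the message

# Hypothetical helper: print each command unless APPLY=1 is set.
run() {
    if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "$*"; fi
}

# Run on the gateway machine.
gateway_rules() {
    run sysctl -w net.ipv4.ip_forward=1
    # Static DNAT: public alias -> server 1 (same rule as in the message).
    run iptables -t nat -A PREROUTING -i eth0 -p tcp -d "$PUB_IP" \
        --dport "$PORT" -j DNAT --to-destination "$SRV_IP:$PORT"
    # Forward only the translated flow and its replies.
    run iptables -A FORWARD -i eth0 -o eth1 -p tcp -d "$SRV_IP" \
        --dport "$PORT" -m state --state NEW,ESTABLISHED -j ACCEPT
    run iptables -A FORWARD -i eth1 -o eth0 -p tcp -s "$SRV_IP" \
        --sport "$PORT" -m state --state ESTABLISHED -j ACCEPT
    # Set the restrictive policy last so the ACCEPT rules are already in place.
    run iptables -P FORWARD DROP
}

# Run on server 1 (assumed form of the "static routing entry").
# Replies to office clients must go back through the gateway, because only
# the gateway's connection tracking can rewrite the source 10.100.1.10 back
# to 129.158.166.2. If they leave by another path, the client never sees a
# reply from the address it connected to and the session hangs.
server_route() {
    run ip route add "$OFFICE_NET" via "$GW_INSIDE"
}

case "${1:-}" in
    gateway) gateway_rules ;;
    server)  server_route ;;
esac
```

Run it with `gateway` or `server` as the argument to review the commands, then with `APPLY=1` as root to apply them.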
