/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! /* ALSO: Don't quote this header. It makes you look lame :-) */
Hey Fuzzy Fox, yes i found it out myself :-) whow only 2 rows! iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE iptables -A PREROUTING -t nat -p tcp -s 180.133.151.14 -j SNAT --to 195.126.216.98 But if make iptables -D PREROUTING -t nat -p tcp -s 80.133.151.14 -j SNAT --to 195.126.216.98 all active connection keep alive. Do you know how i can close them I look in /proc/net/ip_contrack and found tcp 6 431999 ESTABLISHED src=80.133.151.14 dst=217.160.140.67 sport=64022 dport=80 src=195.126.216.98 dst=217.160.140.67 sport=80 dport=64022 [ASSURED] use=1 And is it possible to throttle the throuput to a max like 20 kbytes per second or something else ? ----- Original Message ----- From: "Fuzzy Fox" <[EMAIL PROTECTED]> To: "Joerg Peters" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Tuesday, November 12, 2002 5:22 AM Subject: Re: NAT and MASQ on the same interface > Joerg Peters <[EMAIL PROTECTED]> wrote: > > > > I have a server with an ip 1.2.3.4 > > If a request on port 80 from ip 2.2.2.2 come, i want to redirect it to > > 1.2.3.5 on Port 80 but allthoug i want to change the ip to 1.2.3.4 > > And all back coming data for the request must be redirected to the ip > > 2.2.2.2. > > Is this what you want? > > iptables -t nat -A PREROUTING -p tcp \ > -s 2.2.2.2 -d 1.2.3.4 --dport 80 \ > -j DNAT --to 1.2.3.5 > > This says, essentially, if a TCP connection arrives from 2.2.2.2, > destined for 1.2.3.4, port 80, the destination will be NAT'd to 1.2.3.5, > port 80. > > Once the connection tracking is established, the replies and other > messages will be correctly handled. > > This assumes that you have a FORWARD chain that permits this traffic to > pass, in both directions. > > -- > [EMAIL PROTECTED] (Fuzzy Fox) || "Good judgment comes from experience. > sometimes known as David DeSimone || Experience comes from bad judgment." > > _______________________________________________ Masq maillist - [EMAIL PROTECTED] Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES UNSUBSCRIBING! or email to [EMAIL PROTECTED] PLEASE read the HOWTO and search the archives before posting. You can start your search at http://www.indyramp.com/masq/ Please keep general linux/unix/pc/internet questions off the list.
