On Mon, Jun 24, 2002 at 09:27:34PM +0700, Nicholas N.E wrote: > to be short : > > 10.0.3.0/24 ---> Gatewaty --> Internet > w.x.y.z > > 10.0.3.8 is DNAT'ed to accept http request and some UDP ports > To the gateway w/ public IP > > Internet ---> Gateway:80 -- DNAT--> 10.0.3.8:80 > > > But workstations ( on the same LAN ) can not access 10.0.3.8 using the > Gateway's Public IP > THey can only connect by typing 10.0.3.8 ( or hostname only ) in the > browser's URL box > > So far, I only use these on the nat tables : > > iptables -t nat -A PREROUTING -p tcp -s 0/0 -d $Gateway_Ext_IP --dport 80 > -j DNAT --to 10.0.3.8:80 > > AND > > iptables -t nat -A POSTROUTING -s 0/0 -d 0/0 -o $ ext_iface -j SNAT --to > $Gateway_ext_IP > > Should I add something more so other workstations on the same LAN as 10.0.3.8 > can access it by using their gateway's Public IP ?
iptables -t nat -A POSTROUTING -p tcp -s 10.0.3.0/24 -d 10.0.3.8 --dport 80 -j SNAT --to $Gateway_ext_IP Ramin > > I do not know what this is called tho' > > > Thank you for reading. > > > > Nicholas.
