On 1/23/07, Nicholas Leippe <[EMAIL PROTECTED]> wrote:
You'll need both a DNAT and a SNAT rule if you don't want to do an internal
zone in your DNS. See:
http://www.netfilter.org/documentation/HOWTO//NAT-HOWTO-10.html
Thanks for this, Nicholas, I think it's almost what I'm looking for
but if I'm reading it correctly the example is just forwarding the lan
port 80 to the internal web server as well. I want it to do that only
if the destination address is the external address.
I suppose one of my problems is going to be that I don't know my
external address until after dhcp is up, but it wouldn't be a big deal
to have something run as a dhcp change hook.
And here's the example for others reading:
# iptables -t nat -A POSTROUTING -d 192.168.1.1 -s 192.168.1.0/24 \
-p tcp --dport 80 -j SNAT --to 192.168.1.250
/*
PLUG: http://plug.org, #utah on irc.freenode.net
Unsubscribe: http://plug.org/mailman/options/plug
Don't fear the penguin.
*/
