Scott Waller (Lots of Watts) wrote:
and I want to let all the computers on eth0 network to talk to an
internet connection on the 10.0.0.1 network, how would I use iptables
and/or NAT to make this happen?
I have a theory but haven't tested it yet:
Why not? :-)
iptables -A FORWARD -j MASQUERADE -o eth0 -t nat
I think I am missing something.............???
Close. -o specifies the *output* interface. So it should be -o eth1 . In
addition, the nat table doesn't have a FORWARD builtin chain. You should
be using POSTROUTING instead.
The man page for iptables is fairly comprehensive. It's also worth
checking out the netfilter docs at http://netfilter.org/documentation/ .
The NAT HOWTO covers precisely this situation;
http://netfilter.org/documentation/HOWTO//NAT-HOWTO-4.html#ss4.1
Cheers,
--
Pete
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
