Koozali.org: home of the SME Server

Legacy Forums => Experienced User Forum => Topic started by: Giedrius on October 31, 2003, 11:08:49 AM

Title: NAT on SME 5.6 or 6.0
Post by: Giedrius on October 31, 2003, 11:08:49 AM

Need hawto about 1 to 1 NAT on SME 5.6 or 6.0

Thanks :)

Title: Re: NAT on SME 5.6 or 6.0
Post by: Luis A. Navas on October 31, 2003, 08:15:10 PM

Go to http://contribs.org and try to find 1to1 NAT this works fine on e-smith 5.x but I not test on SME 6

Have a nice day.

Luis

Title: Re: NAT on SME 5.6 or 6.0
Post by: Charlie Brady on November 01, 2003, 02:05:56 AM

Luis A. Navas wrote:

> Go to http://contribs.org and try to find 1to1 NAT this
> works fine on e-smith 5.x but I not test on SME 6

The contrib can't work on both 5.5 and 5.6 (since it will use either ipchains or iptables), so 5.x isn't accurant and isn't descriptive.

If the contrib works on 5.6, it may work on 6.0, but there has been some reorganisation of the iptables firewalling code, so it needs checking.

Charlie

Title: Re: NAT on SME 5.6 or 6.0
Post by: Giedrius on November 01, 2003, 12:48:48 PM

Hi,
This contrib work only on 5.0 - 5.5

I read iptable NAT hawto and add manual from console:

ifconfig eth1:1 inet NEW_EXT_IP netmask EXT_IP_MASK broadcast EXT_IP_BCAST up

/sbin/iptables -t nat -A PREROUTING --dst NEW_EXT_IP -j DNAT --to-destination INTERNAL_IP_ON_LAN
/sbin/iptables -t nat -D POSTROUTING --dst INTERNAL_IP_ON_LAN -j SNAT --to-source NEW_EXT_IP
/sbin/iptables -t nat -D OUTPUT --dst NEW_EXT_IP -j DNAT --to-destination INTERNAL_IP_ON_LAN

All settings working fine from INTERNAL LAN i can connect to NEW_EXT_IP and all pocets going to INTERNAL_IP_ON_LAN but from Internet i can't access  NEW_EXT_IP !

Any ideas ?

Title: Re: NAT on SME 5.6 or 6.0
Post by: Giedrius on November 01, 2003, 12:58:37 PM

sorry not nat -D only nat -A :)