NAT WAN IP to internal range?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


Hello,

I am having a bit of trouble following the documentation on assigning
a range of NATed IPs.
My router has a several External IP’s assigned to the WAN interface:

WANIF=`get_wanface`
ifconfig $WANIF:1 a.b.c.241 netmask 255.255.255.248 broadcast a.b.c.247
ifconfig $WANIF:2 a.b.c.242 netmask 255.255.255.248 broadcast a.b.c.247
ifconfig $WANIF:3 a.b.c.243 netmask 255.255.255.248 broadcast a.b.c.247

Then I have successfully configured a single internal machine natted
with the 241 address like so:

iptables -t nat -I PREROUTING -d a.b.c.241 -j DNAT --to-destination 192.168.1.69
iptables -t nat -I POSTROUTING -s 192.168.1.69 -j SNAT --to-source a.b.c.241

That works great, but I need the second IP (242) to be the external IP
for a _range_ of internal IPs

I have tried this however it does not appear to work:

iptables -t nat -A PREROUTING -d a.b.c.242 -j DNAT --to-destination
192.168.1.100-192.168.1.150
iptables -t nat -A POSTROUTING -s 192.168.1.100-192.168.1.150 -j SNAT
--to-source 150.101.194.242

This article suggests (at least to me) that this is possible:
http://www.cyberciti.biz/tips/linux-iptables-how-to-specify-a-range-of-ip-addresses-or-ports.html

The ‘Nat how to docs’ seem to suggest that a range can be specified,
but I suspect my usage is wrong?
http://www.netfilter.org/documentation/HOWTO//NAT-HOWTO-6.html#ss6.2


How do I NAT a WAN IP to a range of internal IPs?

Thanks and kind regards,
Andrew Stone.
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Linux Netfilter Development]     [Linux Kernel Networking Development]     [Linux Networking Development]     [Linux Kernel Development]     [Linux Resources]     [LARTC]     [Bugtraq]     [Consulting]     [Free Internet Dating]     [Yosemite Forum]     [Photo]

Add to Google Powered by Linux