- Subject: IPTABLES Setup for Internal Intranet
- From: John Corps <envoys@xxxxxxxxx>
- Date: Thu, 1 Mar 2012 15:07:42 -0500
- Authentication-results: mr.google.com; spf=pass (google.com: domain of envoys@xxxxxxxxx designates 10.236.153.6 as permitted sender) smtp.mail=envoys@xxxxxxxxx; dkim=pass header.i=envoys@xxxxxxxxx
- In-reply-to: <CAFURDX_e4eU8nKFSmweCKP_LaE9z_8S2cZrk93_r0UnKXGeYjA@mail.gmail.com>
Hello All,
I am attempting what is seeming to be an impossible scenario for some
unknown reason. What I want to do is setup a web server in a an
isolated vlan and on this vlan, the server is handing out IP addresses
via dhcp to the clients and setting there gateway to this server. What
I want to do is now, how do i make it so no matter what address they
try and go to using a browser, they are automatically redirected to
the internal web server saying that they do not have access to this
network. I have tried with a clean install of Debian and doing 1
single iptables rule of:
iptables -t nat -A PREROUTING -s 192.168.0.0/255.255.255.0 -p tcp -m
tcp --dport 80 -j DNAT --to-destination 192.168.0.1
Which should redirect all traffic going to port 80 to the internal web
server at 192.168.0.1.
This isn't working, but on the client I can go to http://192.168.0.1
and get the page saying they have no access.
Am i missing something here or should this work? if it should work,
can anyone try and help as to why it doesn't?
Thanks.
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
[Linux Netfilter Development]
[Linux Kernel Networking Development]
[Linux Networking Development]
[Linux Kernel Development]
[Linux Resources]
[LARTC]
[Bugtraq]
[Consulting]
[Free Internet Dating]
[Yosemite Forum]
[Photo]
