NAT in OUTPUT CHAIN

Edilson Carlos Belluomini edilson@hrcnet.com.br
Tue, 10 Jul 2001 09:48:55 -0300


Hello everybody

I tried to use NAT in the OUTPUT chain, but it doesn't work.

I used the following commands:

# re-route external traffic from the internet web server IP address to the internal address
iptables -t nat -A PREROUTING -p tcp -d $webip --dport 80 -j DNAT --to 192.168.0.1:80
# packets from the internal web server are SNATed to its internet IP
iptables -t nat -A POSTROUTING -s 192.168.0.1 -o $extint -j SNAT --to $webip
# re-route internal traffic to the internal web server so that it comes from the external Linux IP address
iptables -t nat -A POSTROUTING -p tcp -d 192.168.0.1 --dport 80 -s 192.168.0.0/24 -j SNAT --to $extip
# re-route traffic from the Linux box itself
iptables -t nat -A OUTPUT -p tcp -d $webip --dport 80 -j DNAT --to 192.168.0.1:80

where $webip is the internet address of my web server, and 192.168.0.1 is the
real address of my web server.

Everything except the OUTPUT chains works fine.

Is there anybody who can help me?

Thank You

Edilson Carlos Belluomini
edilson@hrcnet.com.br