SNAT and DNAT
florent@arcimex.com.bbs
florent@arcimex.com.bbs
31 Jul 2001 10:19:42 GMT
Hi,
For moving some boxes to the local side of my firewall, I want the firewall to get alias IP for these boxes and DNAT the traffic to the new IPs the boxes.
Actually, my script contains this line for a PC with old IP 192.168.1.4 and new 192.168.3.4 for example :
iptables -t nat -A PREROUTING -i eth0 -d 192.168.1.4 -j DNAT --to 192.168.3.4
Is it necessary to SNAT all outgoing packets from this box with :
iptables -t nat -A POSTROUTING -o eth0 -s 192.168.3.4 -j SNAT --to 192.168.1.4
Florent
--
¡° Origin: ·s¼ÒÀÀ¥@¬É ¡» Mail: florent@arcimex.com (Florent)