iptables + ebtables + snat question
Scott Phelps
netfilter at decipher.com
Sat Aug 13 00:41:15 CEST 2005
I have the following setup:
          LAN
           |
           |
          if0       ________
DMZ---if1     if2---|ROUTER|---INTERNET
         \   /      --------
          br0
LAN_NET = 10.0.0.1
PUBLIC_NET = 77.25.33.0/28
(14 hosts - broadcast = .15)
I am doing transparent bridging between
if1 and if2.
My ROUTER ethernet iface has IP 77.25.33.1.
My DMZ hosts will have public IPs ranging
77.25.33.2-14.
My question is: can I masquerade (SNAT) my LAN
IPs and use the ROUTER ethernet IP
as a --to-source target?
Or do I have to assign an IP to my br0 interface?
I am in design mode so I was trying to figure out
if this is possible.
The rule would look like this:
$IPTABLES -t nat -A POSTROUTING \
-o $BR0 -j SNAT --to-source $ROUTER_IP
Can this work?