[Gllug] local DNS with smoothwall or IPcop?

Steve Nicholson yahoogroups at yoursolutions.com
Fri Nov 15 20:03:29 UTC 2002 

Have been making an attempt at this today, smoothwall uses ipchains so have been reading the man and how-tos.  I'm still confused as I don't see a way of redirecting the external address to the internal one. Redirect is only for the port from what I can tell read about and using masq doesn't make sense until I can set up the new destination.

>From what I can tell I need to create a new rule on the INPUT chain testing for the external IP if matched jump to a new user defined chain.
Create two rules for the new user defined chain:
- one to redirect external IP to internal one,
- one to masq the external to internal
Otherwise the source and destination IP's don't seem right.

This is what I think I need to do
ipchains -N dev_web
ipchains ??? something that redirects external_IP to internal_IP
ipcahins -A dev_web -d internal_ip -j MASQ
ipchains -A input -p tcp -d external_IP :80 -j dev_web

Have had a play with it but don't seem to be getting anywhere, is there some better documentation than the ipchains how-to and masquerading how-to, because I'm missing something in my understanding of this.

thanks
Steve.

On 13 Nov 2002 14:27:24 +0000 Simon A. Boggis wrote:

> Oops, whilst cutting and pasting those together I lost the "-p tcp"
> which would be needed with "--dport 80".
> 
> Simon
> 
> On Wed, 2002-11-13 at 13:34, Simon A. Boggis wrote:
> > iptables -t nat -I PREROUTING 1 -d 1.2.3.4 --dport 80 -j DNAT
>                                              ^ insert "-p tcp"
> > --to-destination 5.6.7.8
> 
> > 
> > iptables -t nat -I POSTROUTING 1 -d 5.6.7.8 --dport 80 -j SNAT
>                                              ^ insert "-p tcp"
> > --to-source 5.6.7.254
> 
> > If you want to redirect all traffic remove the "--dport 80"
>                                                   ^ insert "-p tcp"
> 
> -- 
> ----------------------------------------------------------------------
> Dr Simon A. Boggis                                  Systems Programmer
> Department of Computer Science,                     Tel. 020 7882 7522
> Queen Mary, University of London, London E1 4NS UK. 
> ---- GPG public key <http://www.dcs.qmul.ac.uk/~simon/#publickey> ----
> 
> 
> -- 
> Gllug mailing list  -  Gllug at linux.co.uk
> http://list.ftech.net/mailman/listinfo/gllug
> 
> 

-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug

More information about the GLLUG mailing list