iptables and NAT [SOLVED]
Jorge Fábregas
jorge.fabregas at gmail.com
Fri Jan 28 11:07:33 UTC 2011
On 01/28/2011 01:11 AM, Jatin K wrote:
> um target prot opt source destination
> 2 DNAT all -- 0.0.0.0/0 192.168.131.133 tcp dpt:80 to:192.168.131.131:80
This line doesn't look right. Is it doing DNAT For the host
192.168.131.133 (converting it to 192.168.131.131? This doesn't make
sense as 192.168.131.133 belongs to your internal network.
> Chain POSTROUTING (policy ACCEPT)
> num target prot opt source destination
> 1 MASQUERADE all -- 192.168.131.131/24 0.0.0.0/0
192.168.131.131/24 is incorrect. If it's a particular host it should be
192.168.131.131/32 or simply 192.168.131.131. If it's for the network
then it would be 192.168.131.0/24 (proper way to specify network).
And again, just like Tim mentioned, you're not firewalling anything.
At this point you're just basically routing & NATing.
HTH,
Jorge
More information about the users
mailing list