[an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] (none) [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] (none) [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive]
 
[an error occurred while processing this directive] [an error occurred while processing this directive]
Skåne Sjælland Linux User Group - http://www.sslug.dk Home   Subscribe   Mail Archive   Forum   Calendar   Search
MhonArc Date: [Date Prev] [Date Index] [Date Next]   Thread: [Date Prev] [Thread Index] [Date Next]   MhonArc
 

Re: [TEKNIK] iptables, hvordan undlades flere subnets ved nat ?



> Hejsa.
>
> Jeg har flere subnets routet på en linuxbox, og kan jeg ikke route en
> adresse skal den på internettet.
>
> Jeg kan nemt klare mine regler for FORWARD, men laver jeg en
> masquerade-regl bagefter, bliver trafik til mine lokale net der kommer via
> ipsec-tuneller også masq'ed
>
> Jeg har så fundet ud af at jeg kan bruge ! -d lokalnet/mask problemet er
> bare jeg har flere subnets der ikke må masques og ,subnet,subnet,subnet må
> ikke bruges når man bruger !
>
> Så hvad gør man ?
>
> Jeg vil maskq alt trafik der IKKE er til net
>
> 10.0.0.0/22,172.25.192.0/18,192.168.0/22
>
> Kunne jeg bare lave denne regl ville det være dejligt :(
>
> -t nat -A POSTROUTING -s 10.1.1.14/32 ! -d
> 10.0.0.0/22,172.25.192.0/18,192.168.0/22 -o eth1 -j MASQUERADE

Så laver du bare flere regler. i stedet for en regel med 3 subnet, så 3
regler med 1 subnet.

/kallenberg




 
Home   Subscribe   Mail Archive   Index   Calendar   Search

 
 
Questions about the web-pages to <www_admin>. Last modified 2012-07-01, 02:01 CEST [an error occurred while processing this directive]
This page is maintained by [an error occurred while processing this directive]MHonArc [an error occurred while processing this directive] # [an error occurred while processing this directive] *