iptables/Nat question

Redhat Enterprise redhat_help at yahoo.com
Tue Jul 6 04:50:21 UTC 2004 

Hello group/Pete

I tried that, what i use is RH9.0. With it's iptables
installation. Yes as U say there are 3 NICs. When i
did what U said and initialized the FW script it says:
warning: wiered character in interface 'eth0:1'(no
aliases, ! or *)
this follows on for all the lines which have the
aliased IPs, for eth0:1 and eth2:1.

How could i get about doing this ?

TIA




--- Pete Nesbitt <pete at linux1.ca> wrote:
> On July 4, 2004 11:58 pm, Redhat Enterprise wrote:
> > What i wanted to do  was to have 2 web servers
> having
> > private IPs( Ex: 192.168.128.5 and 192.168.128.6
> on
> > the 255.255.255.0 subnet). The hub connecting
> these
> > machines would be connected to my Linux firewall
> > machine. In other words the private IPs are the
> ones
> > that make my DMZ, I shall call this interface
> which is
> > connected to the DMZ as eth1.
> > What i want to do is redirect all requests to
> > 64.24.12.45 to 192.168.128.5 and 64.24.12.46 to
> > 192.168.128.6 at the moment i have no problem in
> doing
> > the natting and everything related to send/receive
> > from the 64.24.12.45.
> > What i thought was to have a virtual interface and
> > bind the other internet routable address to it, ex
> > eth0:0. What are my options?
> > Also how could i do the POSTROUTING SNAT if I
> cannot
> > use virtual in terfaces?
> >
> 
> Hi,
> I'm not sure I understand your question. As I read
> it, you have 3 boxes, 2 
> acting as web servers and 1 as a firewall. They are
> connected via a hub. It 
> looks like the fw has at least 2 nics, one for the
> internet and one for the 
> dmz (web server area), and probably a 3rd for
> internal LAN. I am presuming a 
> recent release of RH (say 8 or newer)
> 
> You can add the static IP to the external ethernet
> by creating a "eth0:1" (not 
> eth0:0). To do that manually, cp your
> /etc/sysconfig/network-scripts/eth0 to 
> eth0:1. The edit the IP address and hard link it
> into 
> /etc/sysconfig/networking/devices/ifcfg-eth0:1 
> and 
>
/etc/sysconfig/networking/profiles/default/ifcfg-eth0:1
> 
> Your postrouting should show something in the way
> (all one line):
> $IPTABLES -A POSTROUTING -t nat -p tcp -o $EXT_IF -s
> $WEB_SERVER_1 -j SNAT 
> --to-source  $EXT_IP_1
> 
> $IPTABLES -A POSTROUTING -t nat -p tcp -o $EXT_IF -s
> $WEB_SERVER_2 -j SNAT 
> --to-source  $EXT_IP_2
> 
> Hope that helps.
> -- 
> Pete Nesbitt, rhce
> 
> 
> -- 
> redhat-list mailing list
> unsubscribe
>
mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
> 



		
__________________________________
Do you Yahoo!?
Yahoo! Mail - 50x more storage than other providers!
http://promotions.yahoo.com/new_mail

More information about the redhat-list mailing list