Difference between revisions of "NAT Linux"
From Teknologisk videncenter
m |
m |
||
| Line 1: | Line 1: | ||
| − | + | = Linux IP Tables = | |
IP Tables is used for packet filtering and NAT/PAT translation on several Linux distributions including | IP Tables is used for packet filtering and NAT/PAT translation on several Linux distributions including | ||
*Ubunto | *Ubunto | ||
*Redhat | *Redhat | ||
*Centos | *Centos | ||
| + | == Basic NAT using IP Tables == | ||
| + | In the example below the internal network 192.168.1.0/24 is Source Natted (SNAT) to the external IP Address 83.90.47.30. Source nat also makes port translations. So the example uses NAT/PAT, and would be sufficient as a NAT/PAT solution for a private network. | ||
| + | <pre> | ||
| + | iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -d 0.0.0.0/0 -j SNAT --to 83.90.47.30 | ||
| + | </pre> | ||
| + | use the command ''iptables -L -t nat'' to see the rule in the IPTABLES chains. | ||
| + | <pre> | ||
| + | [root@bkshost etc]# iptables -L -t nat | ||
| + | Chain PREROUTING (policy ACCEPT) | ||
| + | target prot opt source destination | ||
| + | |||
| + | Chain POSTROUTING (policy ACCEPT) | ||
| + | target prot opt source destination | ||
| + | SNAT all -- 192.168.1.0/24 anywhere to:83.90.47.30 | ||
| + | |||
| + | Chain OUTPUT (policy ACCEPT) | ||
| + | target prot opt source destination | ||
| + | </pre> | ||
[[Category:Linux]] | [[Category:Linux]] | ||
Revision as of 10:30, 7 March 2009
Linux IP Tables
IP Tables is used for packet filtering and NAT/PAT translation on several Linux distributions including
- Ubunto
- Redhat
- Centos
Basic NAT using IP Tables
In the example below the internal network 192.168.1.0/24 is Source Natted (SNAT) to the external IP Address 83.90.47.30. Source nat also makes port translations. So the example uses NAT/PAT, and would be sufficient as a NAT/PAT solution for a private network.
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -d 0.0.0.0/0 -j SNAT --to 83.90.47.30
use the command iptables -L -t nat to see the rule in the IPTABLES chains.
[root@bkshost etc]# iptables -L -t nat Chain PREROUTING (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination SNAT all -- 192.168.1.0/24 anywhere to:83.90.47.30 Chain OUTPUT (policy ACCEPT) target prot opt source destination