TechSpot

iptables SNAT-DNAT

By MattG
Oct 29, 2003
  1. Hey guys.

    I having a serious issue with my network.
    I will map it out first for you, so you can get a view of what is going on.

    Ok, we have a cable connection coming into a linksys router acting ONLY as a switch, not a router =] from there we go into a Slackware linux Box with 2 NIC's. Connecting 2 unlike networks. a 192.168.1.0 network and a 192.168.10.0 network. The 10.0 network is subnetted into 2 networks.

    Now, my problem is this:

    I have the slackbox acting as a router right, but i dont want my webserver open to the public..sort of...So i put the webserver on the 10.0 network. I set the linksys router to forward all HTTP requests on port 80, to the slack box, and from there (the slack box) i have it going to the web server. Sounds right, right? wrong.

    using this

    iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to 192.168.10.x (x being webserver IP)

    This works so that the outside can view the page, and here i thought it worked great! So, we tested www.google.com..and up came our website...da hell? Tried another site, and another and another..all our web site.

    Great...lol.

    Any idea what command can fix this..the network is pretty solid as far as everything else goes though.
     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.