Menu
▾
▴
Re: [IPCop-user] External aliases and SNAT
|
From: Darren C. <da...@kd...> - 2004-03-20 18:03:21
|
Brad Morgan wrote: <SNIP> > Darin, > > It was Nick Shore [nic...@mu...] in the thread "Re: > [IPCop-user] Forcing outgoing IP source" that provided the answer. I > added the following (modifying the IP addresses) to > /etc/rc.d/rc.local: > > # get rid of MASQUARADE RULE > /sbin/iptables -t nat -F RED > > # NAT email server to its assigned public IP address > > /sbin/iptables -t nat -A RED -s 192.168.2.29 -o eth1 -j SNAT --to > 204.0.126.29 > > # NAT everything else to 204.0.126.30 > /sbin/iptables -t nat -A RED -o eth1 -j SNAT --to 204.0.126.30 > > Note that this is for 1.3. In 1.4 there are additional chains that > can (should?) be used instead. I just don't know enough about 1.4 to > say how this should be done or if the HTTP interface has hooks to > make it easier. > > What I think I'd like to see is a check box where you assign the > external alias that says outbound traffic should use this address as > well. Maybe it's on the port forwarding screen instead. I know > there's changes to this area between 1.3 and 1.4 so I don't know > exactly where is best. > Well it is 1.3 that I was thinking of modifying - I am still using it extensively and there is someone that has asked for this. Darren |