10 Feb 10 Full NAT, DNAT and SNAT aka 1:1 NAT, 1 to 1 NAT
Full NAT, DNAT and SNAT aka 1:1 NAT, 1 to 1 NAT – this is used when you want to map a dedicated external IP on an external interface to another IP on a separate interface with everything routed between them.
EXTERNAL_IF=”eth1″
INTERNAL_IP=”192.168.1.105″
INTERNAL_IF=”eth0″
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -i ${EXTERNAL_IF} -d ${EXTERNAL_IP} -j DNAT –to-destination ${INTERNAL_IP}
iptables -t nat -A POSTROUTING -o ${EXTERNAL_IF} -s ${INTERNAL_IP} -j SNAT –to-source ${EXTERNAL_IP}
route add -host ${EXTERNAL_IP} ${INTERNAL_IF}
arp -Ds ${EXTERNAL_IP} ${INTERNAL_IF}
Tags: dnat, iptables, nat, route, snat
18 Jan 09 Linux IP Address Configuration Static or DHCP
It’s simple really..
You can define a static IP as follows:
e.g. ifconfig eth0 192.168.1.2 netmask 255.255.255.0 broadcast 192.168.1.255
You can then define a route out to the internet:
Which has the same effect as: route add -net 0.0.0.0/0 <router>
i.e. route add default gw 192.168.1.1
Or if you’d like to acquire an address via a local DHCP server:
e.g. dhclient eth0
That’s all there is to it! Now.. these settings won’t stick on reboot, you’ll have to refer to your distro’s startup files. On debian you want /etc/network/interfaces
A sample stanza for the above configuration:
iface eth0 inet static
address 192.168.1.2
netmask 255.255.255.0
broadcast 192.168.1.255
gateway 192.168.1.1
All done!
Tags: dhclient, dhcp, eth0, ifconfig, route, route add, static IP
15 Sep 08 Quick Linux and Windows OpenVPN HOWTO and tutorial, including VPN routing
OpenVPN is a popular Windows/Linux VPN Server/Client pair. I think there’s a separate GUI available for it if you’re so minded. This howto will cover command line usage only.
I’ll provide example configuration based on a Linux server and a Windows client, however the same applies pretty easily if you wanted to mix and match.
On debian, apt-get install openvpn. On any other linux distro, use your own package manager or alternatively download from source and compile.
(more…)
Tags: 10.8.0.1, 10.8.0.2, apt-get, client, compile, compression, daemon, daemonize, debian, default gateway, distro, established, forward, generate, interface, IP address, iptables, ip_forward, keepalive, Linux, linux server, masquerade, nat, openvpn, package manager, ping, related, remote, route, route add, route delete, route print, routing, secret key, server, source, tap, tcp, tcpdump, traffic, tun, udp, VPN, vpn client, vpn server, windows, windows client
|
I'm Adam Palmer, and I'm a PHP Programmer, Web Security Consultant, and Linux Consultant.
I run 'APNIC Solutions Ltd' and spend most of my time consulting, managing server clusters, and writing PHP, whilst what little spare time I have is dedicated to playing with gadgets.
|
