NAT Problems

Home Page Forums Network Management ZeroShell NAT Problems

This topic contains 1 reply, has 0 voices, and was last updated by  xz4xbj 8 years, 7 months ago.

Viewing 1 post (of 1 total)
  • Author
    Posts
  • #42847

    xz4xbj
    Member

    Hi all , in the italian forum i had no answer , so i post a question here.

    Zeroshell beta 14 , i use it as an internet firewall/router.

    I have a wifi printer on a wifi network , i must NAT this printer on another network .
    This is what i did , but it didn’t work.
    Thanks to all people that will help me.

    BRIDGE00 ip 192.168.68.163 -> ETH04 ip 192.168.65.250 (printer )


    root@router root> iptables -t nat -L PREROUTING
    Chain PREROUTING (policy ACCEPT)
    target prot opt source destination
    DNAT all -- anywhere 192.168.68.163 to:192.168.65.250
    CapPort all -- anywhere anywhere

    root@router root> iptables -t nat -L POSTROUTING
    Chain POSTROUTING (policy ACCEPT)
    target prot opt source destination
    SNAT all -- 192.168.65.250 anywhere to:192.168.68.163
    SNATVS all -- anywhere anywhere
    MASQUERADE all -- anywhere anywhere

    root@router root> route -n
    Kernel IP routing table
    Destination Gateway Genmask Flags Metric Ref Use Iface
    192.168.66.248 0.0.0.0 255.255.255.248 U 0 0 0 ETH03
    192.168.65.248 0.0.0.0 255.255.255.248 U 0 0 0 ETH04
    192.168.68.160 0.0.0.0 255.255.255.224 U 0 0 0 BRIDGE00
    TISCALI 0.0.0.0 255.255.255.0 U 0 0 0 ETH00
    0.0.0.0 TISCALI 0.0.0.0 UG 0 0 0 ETH00
    root@router root>

    script in the nat and virtual server startup:


    iptables -t nat -I PREROUTING 1 -d 192.168.68.163 -j DNAT --to-destination 192.168.65.250
    iptables -t nat -I POSTROUTING 1 -s 192.168.65.250 -j SNAT --to-source 192.168.68.163

    Firewall Rules – chain forward :


    1 * * ACCEPT all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 state RELATED,ESTABLISHED no
    2 BRIDGE00 ETH00 ACCEPT all opt -- in BRIDGE00 out ETH00 0.0.0.0/0 -> 0.0.0.0/0 no
    3 ETH02 ETH00 ACCEPT all opt -- in ETH02 out ETH00 0.0.0.0/0 -> 0.0.0.0/0 no
    4 ETH03 ETH00 ACCEPT all opt -- in ETH03 out ETH00 0.0.0.0/0 -> 0.0.0.0/0 no
    5 ETH05 ETH00 ACCEPT all opt -- in ETH05 out ETH00 0.0.0.0/0 -> 0.0.0.0/0 no
    6 BRIDGE00 ETH04 ACCEPT all opt -- in BRIDGE00 out ETH04 0.0.0.0/0 -> 0.0.0.0/0 no
    7 ETH04 BRIDGE00 ACCEPT all opt -- in ETH04 out BRIDGE00 0.0.0.0/0 -> 0.0.0.0/0 no
Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.