Difference between revisions of "Network/Nat"

From LunaSys
Jump to navigation Jump to search
(Created page with " = Conf Online = == Regles NAT == Editer /etc/sysconfig/iptables: Dans la section ''*filter'', s'assurer que l'on a ces lignes: <pre> ... -A FORWARD -d 192.168.250.0/24 -...")
(No difference)

Revision as of 22:45, 14 April 2012

Conf Online

Regles NAT

Editer /etc/sysconfig/iptables:

Dans la section *filter, s'assurer que l'on a ces lignes: 

...
-A FORWARD -d 192.168.250.0/24 -i br0 -o virbr3 -j ACCEPT
-A FORWARD -s 192.168.250.0/24 -i virbr3 -o br0 -j ACCEPT
-A FORWARD -i virbr3 -o virbr3 -j ACCEPT
-A FORWARD -o virbr3 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -i virbr3 -j REJECT --reject-with icmp-port-unreachable
...

Et dans la section *nat, avoir: 

...
-A PREROUTING -d 88.191.224.11/32 -j DNAT --to-destination 192.168.250.3
-A POSTROUTING -s 192.168.250.3/32 -o br0 -j SNAT --to-source 88.191.224.11
...
Retrieved from "http://wiki.lunasys.fr/mediawiki/index.php?title=Network/Nat&oldid=94"