Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: configuring PAT on linux using IPtables

configuring PAT on linux using IPtables 11 years 6 months ago #8611

Im setting up a small home network for a friend and am having trouble configuring iptables for PAT. SNAT or DNAT is not an option because he has to many computers and only one public ip address to forward on. I would like to know the commands issued to set up the firewall ruleset for PAT. Ive already googled for a tutorial specific to PAT and I've found nothing. Thanks!
"He who breaks something to find out what it is, has left the path of wisdom."

Gandalf the Grey
The administrator has disabled public write access.

Any joy ? 11 years 5 months ago #8724

  • andyfry
  • andyfry's Avatar
  • Offline
  • New Member
  • Posts: 1
  • Karma: 0
Hi,

Did you ever get any help with this ? I have a similar problem, if I find an answer, I'll let you know. It looks like masquarading will do it, but I'll let you know.

Andy
The administrator has disabled public write access.

Re: configuring PAT on linux using IPtables 11 years 5 months ago #8726

Well, my problem lies with the documentation of IP tables. It covers dynamic NAT and static NAT wonderfully, but I could not glean one syntax example when it came to port address translation. I know it can do it, I just need to know either WHERE to find the documentation on it or hear from someone who was able to pull it off themselves. I don't have the time to sit around at this guys house and play with it. When I go over there, I need to know exactly what I'm doing. (he is a good friend of my family and is paying me to do this, so I'd rather not waste his money) This post has been on the forum for a while, so if anybody here tried to help me out, they were probably just as successful as I was when it came to searching for documentation.
"He who breaks something to find out what it is, has left the path of wisdom."

Gandalf the Grey
The administrator has disabled public write access.

Re: configuring PAT on linux using IPtables 11 years 5 months ago #8727

  • nske
  • nske's Avatar
  • Offline
  • Expert Member
  • Posts: 613
  • Karma: 0
You should search for IP Masquerading instead, since that's how it is called in IPtables ;)

Still, I don't see why you can not use SNAT (Source NAT, not to be mistaken with Static NAT) instead. The fact that there are many private hosts and only one public address is irrelevant. Masquerade is good just in case you are not routing through an interface with a static IP address.

Besides the official HOWTOs, there are a couple of unofficial tutorials at the documentation section of netfilter.org, that cover exactly how you can use SNAT/Masquerade to do what you want.

Take a look and experiment a bit, if you still have a problem perhaps I can post some couple-of-line examples (it's not anything complicate anyway, I just can't keep my eyes open enough right now (05:51 AM) :)).
The administrator has disabled public write access.

Re: configuring PAT on linux using IPtables 11 years 5 months ago #8728

Hmm, I'm just used to the concept of PAT from studying cisco curriculum I guess. I've never read about IP masquerading before, so I will have to give it a look. Thanks again nske!
"He who breaks something to find out what it is, has left the path of wisdom."

Gandalf the Grey
The administrator has disabled public write access.
Time to create page: 0.081 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup