Another NAT Question - openSUSE Security - openSUSE Mailing Lists

newer
Re: [suse-security] Trace user...

Another NAT Question

older
RE: [suse-security] SUSE 9.0 and...

BLeonhardt＠analytek.de

10 Dec 2003 10 Dec '03

12:35

HI all, I'm not sure about the PREROUTING chain .. if I say : iptables -t nat -A PREROUTING -i eth1 -o eth0 -p tcp --dport 80 -j DNAT --to-destination 172.16.15.12:8080 is the real source address present or the source address from the router ? cu bruno

Reply

Sign in to reply online Use email software

Show replies by date

Erik Hensema

10 Dec 10 Dec

13:29

New subject: [suse-security] Another NAT Question

On Wed, Dec 10, 2003 at 01:35:18PM +0100, BLeonhardt@analytek.de wrote:

HI all,

I'm not sure about the PREROUTING chain ..

if I say :

iptables -t nat -A PREROUTING -i eth1 -o eth0 -p tcp --dport 80 -j DNAT --to-destination 172.16.15.12:8080

is the real source address present or the source address from the router ?

iptables always checks for the real source address of the packet, not some address of a router which may be in between the source and the firewall. -- Erik Hensema (erik@hensema.net)

Reply

Sign in to reply online Use email software

7707

Age (days ago)

7707

Last active (days ago)

Download

1 comments

2 participants

tags

participants (2)

BLeonhardt＠analytek.de
Erik Hensema