IPTables, combine with IP Forwarding feature of Linux, can be configured for creating static nat. This post will give example configuration to have static nat in Linux machine.
1. Load nat module.
Execute this command., and add this command in /etc/rc.local file so that this command will be executed every reboot.
modprobe iptable_nat
2. Enable IP Forwarding. This command will enable ip forwarding in Linux machine.
echo 1 > /proc/sys/net/ipv4/ip_forward
You can edit /etc/sysctl.conf and uncomment his line,
#net.ipv4.ip_forward=1
To be like this
net.ipv4.ip_forward=1
So that it will have value 1, mean that ip forwarding si enable.
3. Creating IPTables rule.
There are two nat, nat for source address (your home server), using POSTROUTING, nat for destination address (internet server), using PREROUTING.
For example, if you want nat your local server, 192.168.1.1, with public address 201.1.1.1, you have to configure POSTROUTING.
Configure static nat for local server to public ip,
iptables -t nat -A POSTROUTING -s 192.168.1.1 -o eth0 -j SNAT --to-source 201.1.1.1
Allow forwarding snat connection from local server,
iptables -A FORWARD -t filter -o eth0 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
Save your configuration in your iptables script.
Linux Home Networking (http://www.linuxhomenetworking.com/) can be your source for Linux networking related.
[11:19 AM
|
3
comments
]
3 comments
hi! this script is not working on my server or maybe i misunderstood the instruction however my server is centos with installed openvpn i use this for vpn and for other user but the problem is i need to limit their bandwidth with their given static ip which is i solved it! the main problem of this is on my browser the ip address was not change let say im the user which have the ip of 10.8.0.4 then on the website(http://snoopmyip.com) which ip address viewer is displaying different. my static ip is 10.8.0.4 become server's ip on http://snoopmyip.com
very gud...very nice blog
Not working
Post a Comment