[CentOS] iptables questionson CentOS
indunil75 at gmail.com
Thu Dec 4 09:21:15 UTC 2008
I know these are a few iptbales questions. NOT CentOS, anyway, I am
running a firewall on centos 5.x.
If you can response, it would be fine.
I want to add a SNAT rule for one user in LAN to access one particular
destination on the internet.
Let's say www.centos.org
I added the below rule. But . it does NOT work
Pls assume 184.108.40.206 is the real ip of the firewall.
ip address 192.168.101.230 is the client PC
iptables -t nat -A POSTROUTING -o eth0 -s 192.168.101.230 -j SNAT
--to-source 220.127.116.11 -d www.centos.org
Any idea to achieve it?
the below rule excludes 1 ip. it works fine.
iptables -t nat -A PREROUTING -p tcp -m multiport -s ! 192.168.1.9
--destination-port 80,465,995 -j DNAT --to-destination :3128
I want to exclude about 4 or 5 ips.
let's say 192.168.1.11, 192.168.1.19, 192.168.1.20,192.168.1.25
Is there a way to do it?
Hope to hear from you.
More information about the CentOS