routes are killing me - how to?
Peter Bagnall
yellowdog-general@lists.terrasoftsolutions.com
Thu Nov 7 08:17:01 2002
I'd just like to emphasise something that seems to be causing a bit of
confusion on this thread...
192.168.x.x are unrouted subnets. That is to say routers simply drop
packets from these subnets on sight. This is why we can all use
192.168.0.x as our private network addresses without causing mayhem
with IP address conflicts.
Stefan Bruda is exactly right here, what you need is Masquerading. What
this does is it catches IP packets as the enter the linux box, and
rewrites the IP headers to make it look as if the initial request came
from it, rather than from the private network behind. This is one
element of NAT (network address translation). When the reply packets
come back it recognises the session (this can be pretty tricky with non
TCP traffic), and passes the packet back into the private network after
readdressing it to the machine that sent the original outgoing packet.
Routing does NOT do this, and this is why playing with routing tables
has given you no joy, despite some suggestions to the contrary.
Does that give you a better picture of what's going on? Now you're
actually solving the right problem you should make much better progress
;-)
Pete
On Thursday, November 7, 2002, at 01:45 PM, Stefan Bruda wrote:
> At 00:30 -0500 on 2002-11-7 Stefan Jeglinski wrote:
>>
>> I'm sorry, but IMHO finding a *simple* IPABLES how-to is not easy.
>
> Well, you want for a starter just masquerading, so take a look at
> the... masquerading howto: ;-)
>
> http://www.tldp.org/HOWTO/IP-Masquerade-HOWTO/
>
> Stefan
>
> --
> If it was so, it might be; and if it were so, it would be; but as
> it isn't, it ain't. That's logic.
> --Lewis Carroll, Through the Looking-Glass
> _______________________________________________
> yellowdog-general mailing list
> yellowdog-general@lists.terrasoftsolutions.com
> http://lists.terrasoftsolutions.com/mailman/listinfo/yellowdog-general
>