Linux 101: Network Address Translation (NAT)



Network Address Translation:

Network Address Translation is simply the process of rewriting the source or destination IP address of a network packet as it passes through a router.

IP masquerading is the process of using one "routable" public IP address as a "front" for a whole set of private IP addresses.


We configure the "eth1" interface on the Linux router machine to receive an IP address from a DHCP server.
The configuration is done in "/etc/network/interfaces", as we can see below:


Firewall rules for the eth1 interface:

We start by configuring the NAT on the "eth1" interface as below:


We also enable routing from the "eth1" interface to the "eth0" interface of the Linux router using the command below:


Then we enable routing from the "eth0" interface to the "eth1" interface of the Linux router using the command below:


* -t : refers to the "table"; here we deal with the "nat" table.
* -A : appends a rule to a "chain" of iptables (POSTROUTING, FORWARD...).
* -i : input interface.
* -o : output interface.
* -m : means "match"; it loads a match extension such as connection state.
* -j : the action (target) applied if the packet matches the preceding conditions.
* RELATED : means that the received IP packet is starting a new connection that is related to an already existing connection.
* ESTABLISHED : means that the received IP packet is associated with an already established connection.
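
An added example, not the original post's own commands: a POSIX shell script that prints one rule set matching the steps above and audits FORWARD rules for outside-to-inside accepts that are not limited to RELATED/ESTABLISHED. It assumes "eth1" is the outside interface and "eth0" the LAN, and it adds a default-drop FORWARD policy and the net.ipv4.ip_forward sysctl, neither of which appears above; valid_if, nat_rules and audit_forward are hypothetical helper names.

```shell
#!/bin/sh
# Added example. Assumed roles: eth1 = outside (DHCP) side, eth0 = inside LAN.

# Accept only plausible interface names (max 15 chars, no shell metacharacters).
valid_if() {
    [ "${#1}" -le 15 ] || return 1
    case "$1" in ''|*[!A-Za-z0-9_.-]*) return 1 ;; esac
}

# Print the rule set for a masquerading router. Nothing is changed on the host.
nat_rules() {
    wan=$1 lan=$2
    valid_if "$wan" && valid_if "$lan" && [ "$wan" != "$lan" ] || return 1
    cat <<EOF
sysctl -w net.ipv4.ip_forward=1
iptables -P FORWARD DROP
iptables -t nat -A POSTROUTING -o $wan -j MASQUERADE
iptables -A FORWARD -i $wan -o $lan -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i $lan -o $wan -j ACCEPT
EOF
}

# Read rules (e.g. "iptables -S FORWARD" output) on stdin and fail if any rule
# accepts outside->inside traffic without limiting it to RELATED/ESTABLISHED.
audit_forward() {
    wan=$1 lan=$2 bad=0
    while IFS= read -r rule; do
        case "$rule" in
            *"-i $wan -o $lan "*"-j ACCEPT"*) ;;
            *) continue ;;
        esac
        ok=0
        case "$rule" in
            *NEW*) ;;
            *"--ctstate "*|*"--state "*) ok=1 ;;
        esac
        [ "$ok" -eq 1 ] || { bad=1; echo "inbound not state-limited: $rule" >&2; }
    done
    return "$bad"
}

# Dry run by default; APPLY=1 (as root) loads the rules.
if [ "${APPLY:-0}" = 1 ]; then
    nat_rules "${WAN:-eth1}" "${LAN:-eth0}" | sh -e
else
    nat_rules "${WAN:-eth1}" "${LAN:-eth0}"
fi
```

To check a running router, pipe its live rules into the audit: `iptables -S FORWARD | audit_forward eth1 eth0`.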
