Linux 101: Network Address Translation (NAT)
Network Address Translation is the process of rewriting the IP address in a network packet as it passes through a router.
IP masquerading is the process of using one "routable" public IP address as a "front" for a whole set of private IP addresses.
We configure the "eth1" interface on the Linux router machine to receive an IP address from a DHCP server.
The configuration is done in "/etc/network/interfaces", as we can see below:
Firewall rules for the eth1 interface:
We start by configuring the NAT on the "eth1" interface as below:
We also enable routing from the "eth1" interface to the "eth0" interface of the Linux router, using the command below:
* -A : appends the rule to the named "chain" of iptables (POSTROUTING, FORWARD, ...)
* -i : input interface.
* -o : output interface.
* -m : means "matches".
* -j : action to take if the preceding conditions of the rule are true.
* RELATED : means that the received IP packet is starting a new connection that is related to an already existing connection.
* ESTABLISHED : means that the received IP packet is associated with an already established connection.
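The two steps described above (masquerading on "eth1", then forwarding between "eth1" and "eth0"), written out as an added example; these are not the original post's own commands. It assumes "eth1" is the public side and "eth0" the private LAN side, and goes slightly beyond the text by enabling kernel forwarding and setting a default-drop FORWARD policy. The names `setup_nat`, `run`, `valid_ifname` and `DRY_RUN` are hypothetical.

```shell
#!/bin/sh
# Added example, not the original post's commands.
# Assumed roles: eth1 = public side (DHCP address), eth0 = private LAN side.
DRY_RUN="${DRY_RUN:-1}"   # 1 = only print the commands; 0 = execute them (needs root)

run() {
    if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

valid_ifname() {
    # Linux interface names are at most 15 characters; accept a conservative charset only
    case "$1" in
        ""|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

setup_nat() {
    wan="$1"; lan="$2"
    if ! valid_ifname "$wan" || ! valid_ifname "$lan" || [ "$wan" = "$lan" ]; then
        echo "usage: setup_nat <wan-if> <lan-if> (two distinct interfaces)" >&2
        return 1
    fi
    # Without this sysctl the kernel does not forward packets between interfaces.
    run sysctl -w net.ipv4.ip_forward=1 || return 1
    # IP masquerading: packets leaving via the public interface take its address.
    run iptables -t nat -A POSTROUTING -o "$wan" -j MASQUERADE || return 1
    # Public -> private: only packets of RELATED or ESTABLISHED connections.
    # (-m state --state is the older spelling of the same match.)
    run iptables -A FORWARD -i "$wan" -o "$lan" -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT || return 1
    # Private -> public: hosts behind the router may open new connections.
    run iptables -A FORWARD -i "$lan" -o "$wan" -j ACCEPT || return 1
    # Addition beyond the text: anything not matched above is not forwarded.
    run iptables -P FORWARD DROP
}

setup_nat eth1 eth0
```

With the default `DRY_RUN=1` the script only prints the commands for review; run it as root with `DRY_RUN=0` to apply them.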