RE: Masqueraded DNS and one IP

A better method of Prerouting is to use a different destination address ..
:)

### Internal Mail Server DNAT
$IPTABLES -t nat -A PREROUTING -i ppp0 -p tcp --dport 110 -j DNAT --to 192.168.0.2:1111
$IPTABLES -t nat -A PREROUTING -i ppp0 -p udp --dport 110 -j DNAT --to 192.168.0.2:1111

### Internal Web Server DNAT
$IPTABLES -t nat -A PREROUTING -i ppp0 -p tcp --dport 80 -j DNAT --to 192.168.0.3:8888

### Internal DNS Server DNAT
#### Please make sure that your servers are running on the correct port or whatever you want it to be :) .

$IPTABLES -t nat -A PREROUTING -i ppp0 -p tcp --dport 53 -j DNAT --to 192.168.0.4:533
### DNS queries mostly use UDP; the FORWARD rules below already allow udp to 192.168.0.4:533
$IPTABLES -t nat -A PREROUTING -i ppp0 -p udp --dport 53 -j DNAT --to 192.168.0.4:533

### Allow Port Forwarding on the Ports Specified
$IPTABLES -A FORWARD -p tcp -i ppp0 -d 192.168.0.2 --dport 1111 -j ACCEPT
$IPTABLES -A FORWARD -p udp -i ppp0 -d 192.168.0.2 --dport 1111 -j ACCEPT
$IPTABLES -A FORWARD -p tcp -i ppp0 -d 192.168.0.3 --dport 8888 -j ACCEPT
$IPTABLES -A FORWARD -p tcp -i ppp0 -d 192.168.0.4 --dport  533 -j ACCEPT
$IPTABLES -A FORWARD -p udp -i ppp0 -d 192.168.0.4 --dport  533 -j ACCEPT

All machines must have the Default Gateway of the Masquerade Box and maybe
all boxes can get DNS from your DNS server ???

make sure you have DNS Forwarding enabled or a root cache DNS server  ...

all your internal Services should now be accessed by the Internet on the
Gateway's External Address @ the correct Port / Proto .

hope this helps ..
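
A consistency check for rule sets like the one in this message, as an added example that is not part of the original post: each DNAT target needs a FORWARD ACCEPT for the same protocol, address and port, and a FORWARD ACCEPT that no DNAT feeds is an opening with nothing behind it. The names `audit_nat` and `sample_rules` and the sample rule set are constructed for illustration.

```shell
#!/bin/sh
# audit_nat: read iptables rule lines on stdin, report DNAT/FORWARD mismatches.
# Only protocol, address and port are compared; interfaces are ignored.
audit_nat() {
    awk '
    # Word that follows option "opt" on the current line, or "" if absent.
    function arg(opt,   i) {
        for (i = 1; i < NF; i++) if ($i == opt) return $(i + 1)
        return ""
    }
    /^[ \t]*#/ || NF == 0 { next }            # skip comments and blank lines
    arg("-j") == "DNAT" {
        to = arg("--to"); if (to == "") to = arg("--to-destination")
        if (to !~ /:/) to = to ":" arg("--dport")   # no port given: port unchanged
        dnat[arg("-p") " " to] = arg("--dport")     # e.g. "tcp 192.168.0.2:1111"
        next
    }
    arg("-A") == "FORWARD" && arg("-j") == "ACCEPT" {
        fwd[arg("-p") " " arg("-d") ":" arg("--dport")] = 1
    }
    END {
        for (k in dnat) if (!(k in fwd))
            print "DNAT without FORWARD ACCEPT: " k " (public port " dnat[k] ")"
        for (k in fwd) if (!(k in dnat))
            print "FORWARD ACCEPT without DNAT: " k
    }' | sort
}

# Constructed sample: the web FORWARD rule and the udp DNS DNAT rule are
# left out on purpose so that both kinds of mismatch are reported.
sample_rules() {
    cat <<'EOF'
### constructed sample rule set
$IPTABLES -t nat -A PREROUTING -i ppp0 -p tcp --dport 110 -j DNAT --to 192.168.0.2:1111
$IPTABLES -t nat -A PREROUTING -i ppp0 -p tcp --dport 80 -j DNAT --to 192.168.0.3:8888
$IPTABLES -t nat -A PREROUTING -i ppp0 -p tcp --dport 53 -j DNAT --to 192.168.0.4:533
$IPTABLES -A FORWARD -p tcp -i ppp0 -d 192.168.0.2 --dport 1111 -j ACCEPT
$IPTABLES -A FORWARD -p tcp -i ppp0 -d 192.168.0.4 --dport  533 -j ACCEPT
$IPTABLES -A FORWARD -p udp -i ppp0 -d 192.168.0.4 --dport  533 -j ACCEPT
EOF
}

sample_rules | audit_nat
```

Feed it the firewall script itself (`audit_nat < rc.firewall`, file name assumed) with each rule on a single line; rules wrapped across lines by a mail client are not joined.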