How to configure one-to-one on subinterface in Shorewall?

V

Vladimir2013-01-24 12:40:22

linux

Vladimir, 2013-01-24 12:40:22

Hello.

Available:
- external interface eth0 with ip addresses from different subnets
- there is an internal interface.

Task: Set up the shorewall like this. So that all traffic from LAN + from the localhost is NATed through IP_A, and IP_B one-to-one in LAN: 1.1.1.1……
I tried using /etc/shorewall/providers, but nothing worked out for me.
Can you tell me how to set it up correctly?

/etc/network/interfaces

# Loopback device:
auto lo
iface lo inet loopback

# device: eth0
auto  eth0
iface eth0 inet static
  address   IP_A
  netmask   255.255.255.224
  gateway   GTW_A
  
auto eth0:0
iface eth0:0 inet static
 address IP_B
 netmask 255.255.255.224
 #gateway	GTW_B

# VirtualBox NAT bridge
auto vnet0
iface vnet0 inet static
        address 172.16.0.1
        netmask 255.255.255.0
        bridge_ports none
        bridge_maxwait 0
        bridge_fd 1

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

E

EvilMan, 2013-01-24
@Degot

If you need to use nat 1:1, then use stateless nat with the ip utility. For example like this:

ip route add nat <IP_B> via 1.1.1.1
ip rule add nat <IP_B> from 1.1.1.1