[nmglug] iptables question,
Andres Paglayan
andres at paglayan.com
Thu Feb 15 16:04:03 PST 2007
Hi,
I have this situation where I have to connect to a sql server that runs in a virtual machine,
the box is in the hospital to which I am connected through a T1
the physical ip of the box is n.n.2.35 and named dserver.localdomain.ms-sql
the virtual server is n.n.2.34 and named dserver.localdomain.virtual
now, in my hosts file, I am only resolving
n.n.2.34 dserver
from a tcpdump I saw that even if the requests are supposed to go to 2.34 I am getting responses back from 2.35, which are obviously not traversing the router/firewall,
meaning the physical machine's ip is responding instead of the virtual machine,
the puzzle is that if I am at their physical network I can connect with no problems,
and from my network I can ping or reach any other of their computers.
I have routes and nat to there such as in
(for my internal traffic to that device in the router)
/sbin/route add -net 192.168.50.0/24 gw 192.168.50.1
/sbin/iptables -t nat -A POSTROUTING -d 192.168.50.0/24 -j SNAT --to 192.168.50.1
(and also for traffic to that address)
/sbin/route add -net n.n.0.0/23 gw 192.168.50.1
/sbin/iptables -t nat -A POSTROUTING -d n.n.0.0/23 -j SNAT --to 192.168.50.1
now, the question is,
which rule will make either responses from 2.35 or from 2.34 treated as the same?
therefore traversing the firewall and going to whoever requested
again,
is there any way in which I can send a request to 2.34 and treat the response I am getting from 2.35 as coming from 2.34?
Thank you,
Andres
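
Added example, not part of the original post: a minimal Python model of how SNAT connection tracking matches replies, showing why a reply sourced from n.n.2.35 does not match the flow opened to n.n.2.34 and so is never translated back to the requesting host. The 198.51.100.x addresses, the client address, the source port and the SQL Server port 1433 are constructed stand-ins; only the SNAT address 192.168.50.1 comes from the post.

```python
from collections import namedtuple

# Flow tuple as connection tracking keys it: protocol, addresses and ports.
Tuple5 = namedtuple("Tuple5", "proto src sport dst dport")

# Constructed stand-ins: the post elides the real prefix as "n.n".
VIRTUAL = "198.51.100.34"   # stands in for n.n.2.34 (dserver.localdomain.virtual)
PHYSICAL = "198.51.100.35"  # stands in for n.n.2.35 (dserver.localdomain.ms-sql)
SNAT_TO = "192.168.50.1"    # from the post's POSTROUTING rules
CLIENT = "192.168.1.10"     # hypothetical internal client, not in the post


class Conntrack:
    """Minimal model of SNAT state: expected reply tuple -> original tuple."""

    def __init__(self, snat_to):
        self.snat_to = snat_to
        self.expected = {}

    def outbound(self, pkt):
        """Apply SNAT in POSTROUTING and record the reply that is expected."""
        natted = pkt._replace(src=self.snat_to)
        reply = Tuple5(pkt.proto, natted.dst, natted.dport, natted.src, natted.sport)
        self.expected[reply] = pkt
        return natted

    def inbound(self, pkt):
        """Return the de-NATed packet, or None if no tracked flow matches."""
        orig = self.expected.get(pkt)
        if orig is None:
            return None  # unknown flow: the destination is never rewritten
        return pkt._replace(dst=orig.src, dport=orig.sport)


def demo():
    ct = Conntrack(SNAT_TO)
    # Assumed ports: 40000 is a constructed source port, 1433 the default MS SQL port.
    sent = ct.outbound(Tuple5("tcp", CLIENT, 40000, VIRTUAL, 1433))
    good = Tuple5("tcp", VIRTUAL, 1433, sent.src, sent.sport)
    bad = good._replace(src=PHYSICAL)  # same ports, but answered from the host's IP
    return ct.inbound(good), ct.inbound(bad)


if __name__ == "__main__":
    ok, mismatched = demo()
    print("reply from .34 ->", ok)
    print("reply from .35 ->", mismatched)
```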