How to DNAT to different local IP based on what public IP was accessed with Shorewall?

Posted by mikl on Server Fault See other posts from Server Fault or by mikl
Published on 2012-06-30T00:55:43Z Indexed on 2012/06/30 3:17 UTC
Read the original article Hit count: 492

Filed under:
|

My server has several public IPs, and is running a bunch of virtual machines with private IP adresses.

As an example, I want to map ports 80, 443 and 8080 on 232.21.23.23 (public) to 192.168.122.12 (private). I have tried a couple of different NAT mappings, but none of them seem to work:

# This doesn't work.
DNAT           net              loc:192.168.122.12  tcp  80,443,8080  -           232.21.23.23

# Neither does this.
DNAT           $FW              loc:192.168.122.12  tcp  80,443,8080  -           232.21.23.23

# Nor this.
DNAT           net:232.21.23.23 loc:192.168.122.12  tcp  80,443,8080

# I have no idea what I'm doing.
DNAT           $FW:232.21.23.23 loc:192.168.122.12  tcp  80,443,8080

Can anyone point me in the right direction?

© Server Fault or respective owner

Related posts about shorewall

Related posts about dnat