Hi all,

I am currently providing masquerading to clients on 192.168.132.0, i have another LAN on 192.168.133.0.

I have only one linux box providing IP Masq to clients on 192.168.132.0. If i were to change the ipchains script to provide NAT for both subnets? or can i just expand the subnets

Current

$IPC -A forward -s 192.168.132/24 -d 0/0 -j MASQ

if i were to expand the subnet:

$IPC -A forward -s 192.168/16 -d 0/0 -j MASQ

will it provide NAT for both subnets?

or

i were to add another subnet for masq

$IPC -A forward -s 192.168.132/24 -d 0/0 -j MASQ
$IPC -A forward -s 192.168.133/24 -d 0/0 -j MASQ

Pls advise


Thank you

Do you want the lans to talk to each other?
If so you need something like this BEFORE the MASQ rules:

$IPC -A forward -i ethX -s 192.168.132/24 -d 192.168.133/24 -j ACCEPT

$IPC -A forward -i ethY -s 192.168.133/24 -d 192.168.132/24 -j ACCEPT

Either should work but to mask the lans I'd use:
$IPC -A forward -i ethZ -s 192.168.132/24 -d 0/0 -j MASQ
$IPC -A forward -i ethZ -s 192.168.133/24 -d 0/0 -j MASQ

See:
http://www.ecst.csuchico.edu/~dranch/LINUX/ipmasq-beta/c-html/multiple-masqed-lans.html (http://www.ecst.csuchico.edu/~dranch/LINUX/ipmasq-beta/c-html/multiple-masqed-lans.html)

[ 16 July 2001: Message edited by: jumpedintothefire ]