peterlin
Joined: 30 Sep 2011 Posts: 3
|
Posted: Fri Oct 07, 2011 9:44 am Post subject: Multiple external ip addresses |
|
|
I have compiled version 1.6 with MULTIPLE_EXTERNAL_IP defined, and when testing with upnpc ... -s it does present the correct external ip address.
However my DNAT rules still look like this:
target prot opt source destination
DNAT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:1024 to:172.16.11.195:1024
This means that port 1024 is open on all the external ip addresses (nmap confirms this). This may not be that big of a problem, but prevents different internal VLANs to re-use the same port (im SNATing one external ip address to one specific VLAN). If "destination" can be the external ip address, i think it would work. But i'm no iptables expert |
|