This is a discussion on IP forwarding without NAT within the Linux Networking forums, part of the Linux Forums category.
Hello,
I am trying to set up a traffic shaper using HTB on my network; the thing is I don't want to use NAT because I want the same IP address that was inputted on one side to be outputted on the other side; this will make life easier for me as I don't need to alter the Firewall rules to meet the NAT requirements.

192.168.1.24 (HTTP req)                 192.168.1.24 (shaped HTTP req)
---------------------->[Traffic shaper]---------------------->[Firewall]---->[Internet]
                     eth0           eth1                    eth0
              192.168.1.1    192.168.1.2           192.168.1.254

The diagram above is a basic representation of what I am trying to do; the traffic shaper is only forwarding traffic between eth0 and eth1 while maintaining the source IP address.

My question is: in order to achieve this, do I need to enable IP forwarding only and do some basic iptables entries like this:

# echo 1 > /proc/sys/net/ipv4/ip_forward
# iptables -F
# iptables -P INPUT ACCEPT
# iptables -P OUTPUT ACCEPT
# iptables -P FORWARD ACCEPT

In this scenario the client(s) will have their default gateway set to the Traffic shaper 192.168.1.1, and the Traffic shaper will have its default gateway set to the Firewall 192.168.1.254.

In short, I just wanted to know if anyone has tried this or if it is possible for it to be done without the use of NAT.

Thanks for reading.
On Sep 16, 3:09 pm, balzan...@yahoo.com wrote:
> In short; I just wanted to know if anyone has tried this or if it is
> possible for it to be done without the use of NAT.

It can be done with bridging and ebtables. Use the ebtables 'BROUTING' table.

DS
On 16 Sep, 23:09, balzan...@yahoo.com wrote:
> Hello,
>
> I am trying to set up a traffic shaper using HTB on my network; the
> thing is I don't want to use NAT because I want the same IP address
> that was inputted on one side to be outputted on the other side, this
> will make life easier for me as I don't need to alter the Firewall
> rules to meet the NAT requirements.
>
> 192.168.1.24(HTTP req) 192.168.1.24(shaped HTTP
> req)
> ---------------------------------->[Traffic
> shaper]----------------------------------------------->[Firewall]---->[Internet]
>
> eth0
> eth1 eth0
> 192.
> 192. 192.
> 168.
> 168. 168
> 1.
> 1. 1.
> 1
> 2 254
>
> The diagram above is a basic representation of what I am trying to
> do; the traffic shaper is only forwarding traffic between eth0 and
> eth1 while maintaining the source IP address.
>
> My question is, in order to achieve this do I need to enable IP
> forwarding only and do some basic iptables entries like this:
>
> # echo 1 > /proc/sys/net/ipv4/ip_forward
> # iptables -F
> # iptables -P INPUT ACCEPT
> # iptables -P OUTPUT ACCEPT
> # iptables -P FORWARD ACCEPT
>
> In this scenario the client(s) will have their default gateway set to
> the Traffic shaper 192.168.1.1, the Traffic shaper will have its
> default gateway set to the Firewall 192.168.1.254.
>
> In short; I just wanted to know if anyone has tried this or if it is
> possible for it to be done without the use of NAT.
>
> Thanks for reading.

Oops, the diagram didn't work out right; let me redraw it.

|  192.168.1.24(HTTP request)
|
|
|
|  eth0 192.168.1.2
[Traffic shaper]
|  eth1 192.168.1.3
|
|
|  192.168.1.24(Shaper HTTP request)
|
|
|  eth0 192.168.1.254
[Firewall]
|
|

So 192.168.1.24 stays the same even after passing through the traffic shaper.

And thanks David for the reply, I will look into ebtables.
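
The bridging half of the suggestion in the thread, as an added example that is not from any of the posters: a dry-run script that plans a transparent Linux bridge with HTB on both ports, so frames keep their source IP with no NAT and no FORWARD policy changes. The interface roles, bridge name `br0`, management address and 10mbit rate are assumptions, and the ebtables rules mentioned in the reply are not shown.

```shell
#!/bin/sh
# Added example (not from the thread): plan a transparent bridge + HTB shaper.
# All values below are assumptions; override them via the environment.
LAN_IF=${LAN_IF:-eth0}              # side facing the clients
WAN_IF=${WAN_IF:-eth1}              # side facing the firewall
BRIDGE=${BRIDGE:-br0}
MGMT_ADDR=${MGMT_ADDR:-192.168.1.2/24}  # one address on the bridge, for management only
RATE=${RATE:-10mbit}

# Print the commands in order. Nothing is executed and no NAT, no ip_forward,
# and no iptables policy change appears: the box switches frames at layer 2,
# so the firewall still sees 192.168.1.24 as the source.
plan_bridge_shaper() {
    if [ "$LAN_IF" = "$WAN_IF" ]; then
        echo "LAN_IF and WAN_IF must be different interfaces" >&2
        return 1
    fi
    cat <<EOF
ip link add name $BRIDGE type bridge
ip link set dev $LAN_IF master $BRIDGE
ip link set dev $WAN_IF master $BRIDGE
ip link set dev $LAN_IF up
ip link set dev $WAN_IF up
ip link set dev $BRIDGE up
ip addr add $MGMT_ADDR dev $BRIDGE
tc qdisc add dev $WAN_IF root handle 1: htb default 10
tc class add dev $WAN_IF parent 1: classid 1:10 htb rate $RATE ceil $RATE
tc qdisc add dev $LAN_IF root handle 1: htb default 10
tc class add dev $LAN_IF parent 1: classid 1:10 htb rate $RATE ceil $RATE
EOF
}

# Run the plan for real; stops at the first failing command.
apply_plan() {
    [ "$(id -u)" -eq 0 ] || { echo "apply needs root" >&2; return 1; }
    plan_bridge_shaper | sh -e
}

# Default is a dry run; set APPLY=1 to configure the machine.
if [ "${APPLY:-0}" = 1 ]; then
    apply_plan
else
    plan_bridge_shaper
fi
```

HTB shapes egress only, so the class on the firewall-facing port limits upload and the class on the client-facing port limits download. With a bridge the clients keep the firewall (192.168.1.254) as their default gateway.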