I have two systems, both on the same private subnet.
Both are connected to a WAN (actually a wifi user group). As the one machine is a server, I've got it 1:1 natted so that external users can fully access it. The rules I've used for this is:
Code: Select all
0 chain=srcnat action=src-nat to-addresses=172.21.3.90 src-address=192.168.0.170
1 chain=dstnat action=dst-nat to-addresses=192.168.0.170 dst-address=172.21.3.90
My personal system makes use of src-nat to go via the external IP of my wifi interface:
Code: Select all
10 chain=srcnat action=src-nat to-addresses=172.21.254.17 dst-address=172.16.0.0/12
Obviously I don't really need to, as I can access it via the local IP, but for testing purposes it would be nice to be able to access the external IP.
I imagine I need to use mangle rules or something to accomplish this, but I don't really know where to start.
Any ideas?
Thanks.