Printable View
I’m doing test for nat-router in backtrack 5.From Backtrack 5, it’s likely to ping the access point and the inner machine. - But the inner device unable to ping to outside world
Code:AP/Router: 192.168.0.1
BT/WLAN0: 192.168.0.100
BT/eht0: 192.168.1.5
internal machine: 192.168.1.99
Settings on BT:
# echo 1 > /proc/sys/net/ipv4/ip_forward
# iptables -t nat -A POSTROUTING -s 192.168.1.0/255.255.255.0 -o wlan0 -j SNAT --to-source 192.168.0.100
Looking at above scenario I think your using real system. And Backtrack should be router of your system. After loading the module iptable_nat it's fully operational :-) not including the machine behind the backtrack router needs to define the access point (access point/Router: 192.168.0.1) as their name server. If the IP of the internal network (BT/eth0: 192.168.1.5) is defined, name declaration does not work.
Astonishingly that "new" iptables authority does not create any differentiation. Backtrack workings as NAT-router, other than there is a very particular things can't understand at all: Name resolution (DNS) (e.g. google.com) does not labor on the internal machine (192.168.1.99) if the NAT-router (Backtrack) is defined as name server (the IP address have to be definite).other than the whole thing (DNS-resolution) works completely it the WLAN Access Point (192.168.0.1) is defined as the name server!
Immediately for the reason that your backtrack machine is complex as a NAT router does not stand for it will do something as a DNS server. If you would like to be capable in the direction to locate the clients to make use of it you would could accomplish with to run a DNS server on the backtrack machine. As far as I be acquainted with there isn't a DNS server builds into backtrack but I would not be surprised at all if I was extensive of the mark.
Thanks’ a lot Dude for the appealing feedback! at the same time as I appreciate you, in attendance is at the moment is other way than to locate up a DNS server on the NAT router within order inside the direction of have the DNS resolution fully operational designed for the clients in the 192.168.1.0 net. I hoped with the intention of this could be achieved at the same time as well in the midst of the iptables command
If the clients on the 192.168.1.0 network make use of internet DNS server that would also operational. Maybe there is a way to forward all DNS needs to an internet DNS server using iptables but you would require to do a small investigate. Here are some community DNS servers they could use server list.
Code:Iptables -t nat -I PREROUTING -i eth0 -p udp --dport 53 -j DNAT --to 4.2.2.2
Thanks’ a lot for the help! Unfortunately the command
Above command does not solve the DNS problem, instead the clients in the 192.168.1.0 net are not even able to ping the WLAN AP at 192.168.0.1anymoreCode:# Iptables -t nat -I PREROUTING -i eth0 -p udp --dport 53 -j DNAT --to 192.168.0.100.