On Sat, 9 Jul 2005, Dan Schrager wrote:
> In the case of a single wire for ALL nodes, private WNs would need
> OUTPUT chain nat rules to redirect traffic addressed to public SE (CE,
> RB) to the private SE (CE, RB) (ip) address. Or they might leave it for
> the central NAT (PREROUTING chain, nat) with the penalty of an extra hop.
>
> In the case of a private network exclusively dedicated to WNs (without
> SE, CE, RB, etc) there would be NO need to use a new edg-gridftpd. Just
> mangle (source address) the traffic addressed to world and leave the
> private WN source address untouched when destination is public SE (CE,
> RB, etc).
> (A particular case, also possible, would be to use SE as NAT for WNs)
Do you have example iptables commands that implement the various
possibilities for such address translations?
|