Skip to main content


Showing posts from July, 2008

Iptables: DNAT

DNAT stands for Destination NAT. It is a type of NAT. The other one is SNAT which stands for Source NAT. What's the difference I hear you ask. Good question! :) DNAT changes destination of relevant packets. SNAT changes the source of relevant packets. Last week, my boss asked me to open an internal system in order to be accessed publicly.
Let's say my internal system server's IP is and the system is a web-based system (port 80). It is behind a firewall which has a public IP say 111.222.333.444. To access the internal system from internet, the firewall IP should be used as a gateway to reach the internal system server.
Internet ----> Firewall ----> Internal system

I want to make any packets destined to port 3256 on firewall should be NAT'ed to internal system server on port 80. So the DNAT in firewall is:
iptables -t nat -I PREROUTING -s ! -p tcp --dport 3256 -j DNAT --to

There you go. All packets destined to firewall on p…

Linux : Before Munich, it was Extremadura

I remembered 3 years ago I read a Linux magazine about Munich. The government were going to convert all Windows PCs to Linux. Then I just came across an old news about how one of the poorest region in Spain migrated their all pcs using by civil servants duirng a weekend.

We changed the desktop systems from Windows to Linux during the weekend, when the civil servants came back next Monday morning they found Linux running on their desktop machines.

The public government of the Spanish region of Extremadura has now a long tradition of promoting and using free software. Extremadura is a region located in the South-West of Spain, in the center of a triangle formed by the cities of Madrid, Seville and Lisbon.

More from the news:

Another essential component of the network are the end user terminals. These were made from PCs running a localized version of Linux called Linex (compound word from LINux and EXtremadura) which they tailored to their specific needs and changing the name of the program…