Tuesday, May 19, 2009

IP Aliasing with Debian, Shorewall and VMware

Recently I needed to use the IP Failover feature of my datacenter company. That company is OVH, and they have instructions on how to do this with the virtual machines set to host-only networking. However, I wanted to use NAT for the VM network and do the routing with Shorewall.

This is the setup:
Debian Etch as physical server
VMware Server to host virtual machines using NAT networking
Shorewall 3.2.6 installed on the Debian server as an iptables manager.

If you have more than one IP available to your Debian server, you can assign both to the only network card of your Debian machine. Here is how:


1- Add the new IP to the network card. Edit the file /etc/network/interfaces to add the following:
auto eth0:0
iface eth0:0 inet static
address <NEW IP>
netmask 255.255.255.255
broadcast <NEW IP>
network <NEW IP>

You have to activate the new eth0:0 you just created:

ifup eth0:0


2- Check that the new interface is active with:

ifconfig



3- Now you have to tell the firewall (Shorewall) that all traffic that comes through the specific NEW IP has to be allowed and routed to eth0:0. In our case, we want all traffic coming to that NEW IP on port 80 to be sent to the specific virtual machine (in our case located at 172.16.1.10).

Edit /etc/shorewall/rules

#ACTION   SOURCE     DEST                 PROTO      DEST PORT(S)
ACCEPT    net        $FW:(NEW IP)         tcp        80

With this rule we are allowing web traffic from net to eth0:0.


4- Now we need to tell the VMware NAT network manager to redirect traffic on port 80 to 172.16.1.10 (this is the IP of your virtual machine). To do this, edit:
/etc/vmware/vmnet8/nat/nat.conf

and add this line:
80 = 172.16.1.10:80


5- Restart your VMware server:
/etc/init.d/vmware restart

Now if you boot your virtual machine and type the NEW IP in your web browser, you will see how your traffic is redirected to the virtual machine.


Enjoy it!!
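
The script below is an added example, not part of the original post: it cross-checks steps 3 and 4 by reporting TCP ports forwarded in nat.conf that have no Shorewall ACCEPT rule for the NEW IP (NO_RULE), and ports accepted on the NEW IP that have no forward behind them (NO_FORWARD). It assumes the forwards sit in the [incomingtcp] section of nat.conf and that rules list single ports or comma lists; the function names, the sample files and 203.0.113.10 (standing in for the NEW IP) are constructed for illustration.

```shell
#!/bin/sh
# Added example: cross-check nat.conf (step 4) against Shorewall rules (step 3).

# Host TCP ports forwarded by VMware NAT: "port = ip:port" under [incomingtcp].
forwarded_ports() {
    awk '
        /^[ \t]*#/  { next }
        /^[ \t]*\[/ { sec = tolower($0); gsub(/[^a-z]/, "", sec); next }
        sec == "incomingtcp" && /=/ {
            split($0, kv, "=")
            gsub(/[ \t]/, "", kv[1])
            if (kv[1] ~ /^[0-9]+$/) print kv[1]
        }' "$1" | sort -n
}

# TCP ports accepted from zone "net" to $FW:<ip> (single ports or comma lists).
accepted_ports() {
    awk -v ip="$2" '
        /^[ \t]*#/ { next }
        $1 == "ACCEPT" && $2 == "net" && $3 == ("$FW:" ip) && $4 == "tcp" {
            n = split($5, p, ",")
            for (i = 1; i <= n; i++) print p[i]
        }' "$1" | sort -n
}

# Print NO_RULE/NO_FORWARD findings; return 1 if the two files disagree.
audit_forwards() {
    fwd=$(forwarded_ports "$1"); acc=$(accepted_ports "$2" "$3"); bad=0
    for p in $fwd; do
        echo "$acc" | grep -qx "$p" || { echo "NO_RULE $p"; bad=1; }
    done
    for p in $acc; do
        echo "$fwd" | grep -qx "$p" || { echo "NO_FORWARD $p"; bad=1; }
    done
    return $bad
}

# Constructed sample files; 203.0.113.10 stands in for <NEW IP>.
write_samples() {
    printf '%s\n' '[host]' 'ip = 172.16.1.2/24' '[incomingtcp]' \
        '# web VM' '80 = 172.16.1.10:80' '8080 = 172.16.1.11:80' > "$1/nat.conf"
    printf '%s\n' '#ACTION SOURCE DEST PROTO DEST PORT(S)' \
        'ACCEPT net $FW:203.0.113.10 tcp 80,443' > "$1/rules"
}

if [ "${1:-}" = "--demo" ]; then
    d=$(mktemp -d); write_samples "$d"
    audit_forwards "$d/nat.conf" "$d/rules" 203.0.113.10
    rm -rf "$d"
fi
```

To check a real host, source the file and call audit_forwards with /etc/vmware/vmnet8/nat/nat.conf, /etc/shorewall/rules and the NEW IP after changing either file.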

IMPORTANT:
'Shorewall can create the alias (additional address) for you if you set ADD_SNAT_ALIASES=Yes in /etc/shorewall/shorewall.conf'
YOU HAD BETTER DISABLE THIS FEATURE BECAUSE IT MESSES UP YOUR DEBIAN NETWORKING. I set ADD_SNAT_ALIASES=no.

You can visit this for more info:
http://www.shorewall.net/Shorewall_and_Aliased_Interfaces.html
http://help.ovh.co.uk/VMware