I have a LTSP subnet (192.168.0.0/24) and want to disable NAT for every client except one client
The purpose is to deny (on demand) access to internet from student clients, but always allow it from the unique teacher client.
The IP of client used by teacher is always the same: 192.168.0.253
The LTSP subnet is connected to eth1, while internet comes from eth0 (this NIC is connected to a router placed between the LAN: 10.0.0.0/8 and WAN school backbone: 172.16.0.0/12).
My distro (debian-edu) has included a /etc/init.d script named enable-nat that I would use for the purpose.
Basically it uses two functions:
When service START:
do_start()
{
/sbin/iptables -t nat -A POSTROUTING -s $NETWORK_TO_NAT -o $OUTSIDE_IF -j MASQUERADE
}
When service STOP:
do_stop()
{
/sbin/iptables -F -t nat
}
Was wondering how I can implement what I wish using this script.
Thanks in advance