iptables and one-to-one NAT help needed
I need some help from someone who knows about configuring one-to-one NAT using the iptables command.
I'm in the process of setting up a wireless hotspot to grant internet access to our private network. I'm using DD-WRT and nocatsplash.
I'm running a web server on my private LAN that is only accessible from the public side on port 80, where I will serve out landing pages including login.
The problem I'm having is that I cannot identify users' IP addresses on my webserver so I can grant them access. (I was planning to use the HTTP server's client IP address and do an ARP lookup to find the MAC address.)
Since my DD-WRT box is acting as router, the webserver sees every client's IP address as the IP of the router.
To solve this I've set up NAT using the following command:
/usr/sbin/iptables -t nat -I POSTROUTING 1 -p all -s 192.168.7.75 -j SNAT --to 192.168.7.75
(I do the above for all of the IPs in the 192.168.7.x public range.) Now, when a client connects, the web server can identify them. So far so good.
The only problem is that when I run the above iptables command, nocatsplash stops working. (I'm using nocatsplash/splashd as the captive portal solution; it redirects users to my webserver if they access any URL and are not authenticated.)
I suspect that nocatsplash uses iptables internally, so running the above command conflicts with it.
Can anyone help shed some light on this or possibly help diagnose where the problem may be?
I can run any commands if you need to list the tables as they are before and after running the commands.
Any help would be much appreciated!
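
One way to produce the before/after comparison the post offers, as an added example that is not part of the original post: `nat_diff` takes two `iptables-save -t nat` dumps and lists each rule that was added or removed, with its position in its chain, so a rule inserted ahead of existing ones stands out. The dumps embedded below are constructed sample data (the interface names and the `EXAMPLE_PORTAL` chain are hypothetical placeholders), and it is an assumption that `iptables-save` is available on the router build in use.

```shell
#!/bin/sh
# Added example: show which nat-table rules differ between two
# `iptables-save -t nat` snapshots, and where in their chain they sit.

# nat_diff BEFORE_FILE AFTER_FILE -> "+ CHAIN #POS: rule" / "- CHAIN #POS: rule"
nat_diff() {
    awk '
        $1 != "-A" { next }    # keep rule lines only, skip table/chain headers
        FNR == NR  { bpos[$0] = ++n[$2]; bchain[$0] = $2; next }
        {
            pos = ++m[$2]; seen[$0] = 1
            if (!($0 in bpos)) { printf "+ %s #%d: %s\n", $2, pos, $0 }
        }
        END {
            for (r in bpos) {
                if (!(r in seen)) { printf "- %s #%d: %s\n", bchain[r], bpos[r], r }
            }
        }
    ' "$1" "$2"
}

# Constructed sample dumps, not taken from the poster's router.
sample_before() {
    cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i br0 -j EXAMPLE_PORTAL
-A POSTROUTING -o vlan1 -j MASQUERADE
COMMIT
EOF
}

# Same table after the post's `-I POSTROUTING 1 ... -j SNAT` command.
sample_after() {
    sample_before | awk '/-j MASQUERADE/ {
        print "-A POSTROUTING -s 192.168.7.75/32 -j SNAT --to-source 192.168.7.75" } { print }'
}

demo() {
    dir=$(mktemp -d) || return 1
    sample_before > "$dir/before"
    sample_after > "$dir/after"
    nat_diff "$dir/before" "$dir/after"
    rm -rf "$dir"
}
demo
```

On the router, the two input files would come from running `iptables-save -t nat` once before and once after the SNAT command, with the portal running.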