On Sat, Mar 02, 2002 at 01:48:43AM -0800, Bambang Yulianto wrote: > here is the pic : > > [internet]----------[Linux]----------[LAN] > | | | > 202.149.83.192-207 202.149.83.194 192.168.0.1-35 Very good! > ip rule add from 192.168.0.0/30 nat 202.149.83.195 > ip rule add from 192.168.0.4/30 nat 202.149.83.196 > ip rule add from 192.168.0.8/30 nat 202.149.83.197 I don't think this syntax works anymore. I would do this with iptables, http://www.iptables.org - that syntax is far more widely used. I'm not even sure if it ever worked! Every packet coming from 192.168.0.1 or 0.2 or 0.3 will get assigned 202.149.83.195 - this is information loss, there is no way to map back. Otherwise, read the iproute documentation, it's called ip-cref.tex I think. But I think you should use iptables and SNAT - you need a way to map packets back using a table. Regards, bert -- http://www.PowerDNS.com Versatile DNS Software & Services http://www.tk the dot in .tk http://lartc.org Linux Advanced Routing & Traffic Control HOWTO