ok i have a program called arpwatch on the network, monitors arp/ipmatching,
it sees that the public side of the Snat box has its mac address switch
between the public and private interface.
here i tried to provide most the information that i can think of.
iptables v1.2.7a:
____________________
Linux ns.highlandshighspeed.net 2.4.19-gentoo-r10 #5 Sun Mar 9 16:53:57 PST
2003
i686 Intel(R) Pentium(R) 4 CPU 1.60GHz GenuineIntel GNU/Linux
_____________________________
/bin/echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source 198.31.174.56
__________________________
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
SNAT all -- anywhere anywhere to:198.31.174.56
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
__________________________
eth0 Link encap:Ethernet HWaddr 00:04:75:A0:DE:59
inet addr:a.b.c.d Bcast:198.31.174.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:18320637 errors:0 dropped:0 overruns:1 frame:0
TX packets:18395481 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:3151929956 (3005.9 Mb) TX bytes:4285940372 (4087.3 Mb)
Interrupt:11 Base address:0xe400
eth1 Link encap:Ethernet HWaddr 00:04:75:A0:DD:F9
inet addr:A.B.C.D Bcast:192.168.33.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:20321245 errors:0 dropped:0 overruns:5 frame:0
TX packets:18611116 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:768762048 (733.1 Mb) TX bytes:3808977459 (3632.5 Mb)
Interrupt:10 Base address:0xe800
