Hi all,

This is probably a FAQ, but I can't find the answer on Google, so if you want to just point me to the correct FAQ, that's fine :-)

I have a Linux (2.2.19 kernel) system acting as the firewall/router for a DMZ and a private LAN. There is a private /30 network (192.168.100.x) between the firewall and the ISP, to which the default route is set.

The problem is that packets from the Linux box have the source address of the interface from which they come (eth2), which is the private network, and the ISP is (quite reasonably) not routing them out to the internet. The net effect is that I can get into the machine, using its public address, but not out from it when I start the connection from the router. This strikes me as not the best situation (it's falling behind on the Red Hat Network for a start!)

What I'm after is to say to the machine somehow "when you source packets to the internet, use the public address, not the private one". Is there a way of doing this in 2.2? It seems to me that iptables NAT might be able to do it, but I can't find anything for 2.2 that can modify source packets outwards - sort of reverse-nat....

All help gratefully received.

Simon