My understanding of iptables, the -i eth0 is not necessary when you are specifying a source ip address. iptables -t nat -A PREROUTING --source 1.2.3.4 -j DNAT --to-destination 192.168.0.1 and iptables -t nat -A PREROUTING --source 5.6.7.8 -j DNAT --to-destination 192.168.0.2 The only need to identify the interface, -i eth0, is when you want to tell iptables to only look for information on a specific device. A case in point is that you should never see any 10.x.x.x or 192.168.x.x source ip addresses if eth0 is connect to the internet only. Of course this all changes if you are behind a firewall router. Steve Dawes Phone: (403) 268-5527 Email: SDawes at calgary.ca NOTICE - This communication is intended ONLY for the use of the person or entity named above and may contain information that is confidential or legally privileged. If you are not the intended recipient named above or a person responsible for delivering messages or communications to the intended recipient, YOU ARE HEREBY NOTIFIED that any use, distribution, or copying of this communication or any of the information contained in it is strictly prohibited. If you have received this communication in error, please notify us immediately by telephone and then destroy or delete this communication, or return it to us by mail if requested by us. The City of Calgary thanks you for your attention and cooperation.
