Re: NF [PATCH 4/4] xt_gateway

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Jan Engelhardt wrote:
Netfilter: Import xt_gateway


Originally from <azez@xxxxxxxxxxxxxxx>,
http://lists.netfilter.org/pipermail/netfilter-devel/2007-June/027954.html

This adds a gateway match to iptables that lets you match against the
routed ipv4 gateway, it is very useful for SNAT if you want to avoid
replicating your routing in your SNAT table.

e.g.

	iptables -t nat -A POSTROUTING -m gateway --nexthop \
		172.16.1.1 -j SNAT --to-address 172.16.1.5
	iptables -t nat -A POSTROUTING -m gateway --nexthop \
		192.168.1.1 -j SNAT --to-address 192.168.1.25

to help you choose the right SNAT address.


I think MASQUERADE with properly set source addresses for
the routes should do the same since we already use the
gateway for the lookup.

What advantages does this offer over using realms?
-
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux