On Friday 15 November 2002 06:20 pm, Matthew TenHulzen wrote: > I have the following NAT line that excludes NAT'ing to the 192.168.250.= 0/24 > network. > > $IPTABLES -t nat -A POSTROUTING -o $INET_IFACE -d ! 192.168.250.0/24 -j > SNAT --to-source $INET_IP > > I need to exclude NAT for additional networks, but cannot figure out ho= w to > do it. I have tried duplicating this line, but it doesn't work. I als= o > cannot figure out how to specify multiple subnets in the same line. > > > Does anyone know how to exclude traffic to multiple subnets from being > NAT'ed?? If you want those subnets to be ACCEPTed instead of SNATted, just set up = a=20 series of rules that test for your selected subnets, and ACCEPT them, the= n=20 SNAT anything that makes it past those. j
