I think you'll have to tweak your firewall scripts and build your own customized SNAT rules. I mean ..... your firewall script can easily get the IP address of the interface ( even alias one ) with something similar to: ifconfig "eth0 " | grep inet | cut -d":" -f 2 | cut -d" " -f 1 Then, in POSTROUTING you could build your rules, just like: iptables -t nat -A POSTROUTING -s 192.168.1.5 -j SNAT --to-source $IP_ETH0 iptables -t nat -A POSTROUTING -s 192.168.1.6 -j SNAT --to-source $IP_ETH00 iptables -t nat -A POSTROUTING -s 192.168.1.8/29 -j SNAT --to-source $IP_ETH01 ( 192.168.1.8/29 matches 7-15 ) ... and go on .... Note that this script can be only executed after ALL interfaces get their IP addresses .... Hope this helps, Leonardo Rodrigues Quoting Jeppe Sørensen <smed@tdcadsl.dk>: > Hello > > I have a little question that perhaps someone can help me with > > I have a interface to the inet with 4 dynamic ip addr > eth0 = first dynamic ip addr > eth0:0 = second dynmaic ip addr > and so on > > I want to make 1 on 1 nat on the frist 2 aliass and the last 2 alias are > for > the rest of the network > 192.168.1.5 nat to eth0 > 192.168.1.6 nat to eth0:0 > 192.168.1.7-to-15 nat to eth0:1 > 192.168.1.16-to-30 nat to eth0:2 > > but iptables wan't take alias > > What do I do / what can I do ? > > I have looked in the The netfilter user mailinglist Archives and found > the > following solution > > ip addr add w.x.y.z/bits dev eth0 label eth00 > > but how does I get it to work with dynamic address?
