Hello, I will try it as soon as possible ! many thanks Best regards. Le dim 11/05/2003 à 13:03, Laurent Luyckx a écrit : > Have look a the NETMAP patch from p-o-m. > It creates a static 1:1 mapping of the network address. > > (http://www.netfilter.org/documentation/pomlist/pom-combined.html#NETMAP) > > Cheers. > > On Sun, 2003-05-11 at 10:44, Francois LE BOURDELLES wrote: > > Hello happy netfilter users, > > > > First i use kernel 2.4.20 patch-o-matic'ed and iptables 2.4.8 > > I have to SNAT an DNAT a full subnet (199.1.4.0/0 (internal address > > plan) to 1998.1.4.0/0 (external view)) > > so I tried to use the command : > > > > iptables -t nat -A POSTROUTING -s 199.1.4.0/24 --to 199.1.4.0/24 -o > > tunnel0 -j SNAT > > (tunnel0 is a GRE typed tunnel) > > > > as the NAT Howto page shows (NAT-HOWTO-6.html). > > > > The aim is to have per exemple : 199.1.4.13 source changed to 198.1.4.13 > > > > but this command is rejected : > > > > As I understand the sources (iptables and kernel) this is because the > > --to only accept single IP address > > or a range of IP-address, the last one for a pool automatic selection > > [And I do not know for what this could be used !). > > > > DO THE HOW-TO PAGES HAVE TO BE UPDATED (removing of the full subnet SNAT > > and DNAT) ... or the iptables/ipfilter updated ? > > > > Regards. -- Francois LE BOURDELLES <flebourdelles@xxxxxxx>
