Am Mon, 2003-08-04 um 20.05 schrieb Ralf Spenneberg: > > iptables -A FORWARD --match mac --mac-source 00:c0:49:c9:d3:f1 -j MASQ > You need:iptables -A FORWARD --match mac --mac-source 00:c0:49:c9:d3:f1 > -j MASQUERADE This is of course wrong. I take the opportunity to correct myself. I guess I need more coffee. Masquerading is done in the nat table in the POSTROUTING or OUTPUT chain, therefore the line reads: iptables -t nat -A POSTROUTING --match mac --mac-source \ 00:c0:49:c9:d3:f1 -j MASQUERADE > > Cheers, > > Ralf -- Ralf Spenneberg RHCE, RHCX Book: Intrusion Detection für Linux Server http://www.spenneberg.com IPsec-Howto http://www.ipsec-howto.org Honeynet Project Mirror: http://honeynet.spenneberg.org
