Hi Payal, > I don't know much about SNAT. But is this equivalent to i-spoofing in > such case? Is this how SNAT works? > > Assume I have a internal ip 192.168.0.10. All traffic coming from it > should be seem as coming from 202.1.1.1. So I use SNAT and POSTROUTING > and now connection seems to take place from 202.1.1.1. But isn't it > similar to ip-spoofing? Technically, I suppose that IP spoofing is simply generating a packet where the source address is not an address of your own machine. I suppose that SNAT is one way of achieving that, although there are far easier ways if that's all you want to do, and SNAT can also be used for non-spoofing purposes, such as rewriting to an alias on your machine. Cheers, Chris. -- ___ __ _ / __// / ,__(_)_ | Chris Wilson -- UNIX Firewall Lead Developer | / (_ / ,\/ _/ /_ \ | NetServers.co.uk http://www.netservers.co.uk | \ _//_/_/_//_/___/ | 21 Signet Court, Cambridge, UK. 01223 576516 |
