> outside router --> NAT system --> other systems with public IPs. > > I am wondering if this is possible and feasable with > netfilter. I don't want netfilter to NAT any packets sent to > the public IPs that aren't on the NAT system. > > Any help is greatly appreciated, If there are only "other systems with public IPs", then I'd say there's no need for a "NAT system". The only thing you want to do would be filtering ? You can just allow forwarding for IP's that you want and route the packets through your firewall. If you also have other systems that have private IP's then you just NAT those IP's, in addition to the above. Gr, Rob
