Re: Bridge and Firewall with linux

On Wed 03/12/2003 at 12:10, Luca Scattin wrote:
> Now I try to modify client packet address using SNAT
> iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to 192.168.0.21
> (example).
> but in the second interface I always view the original client
> packets....
> I mistake something but I don't know what.

On 2.6 kernels, the output interface will be br0, not eth0. So you'll have
to use the physdev match in order to have your rule work:

	iptables -t nat -A POSTROUTING -m physdev --physdev-out eth1 \
		-j SNAT --to 192.168.0.21

I don't know if this behaviour has been backported to 2.4 kernels. At
least, you can try ;)

-- 
http://www.netexit.com/~sid/
PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE
>> Hi! I'm your friendly neighbourhood signature virus.
>> Copy me to your signature file and help me spread! 
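
The choice between `-o` and the physdev match described in the reply above, as an added example that is not part of the original message. The function names and the `SYSFS_NET` / `PROC_BRIDGE` override variables are hypothetical; the script assumes the kernel exposes a `brport/` directory under `/sys/class/net/<iface>` for bridge ports and the `bridge-nf-call-iptables` sysctl. It only prints the rule, it does not apply it.

```shell
#!/bin/sh
# Added example: pick the SNAT rule form for an interface that may be a bridge port.
# SYSFS_NET and PROC_BRIDGE are overridable (assumption for testing on a constructed tree).
SYSFS_NET="${SYSFS_NET:-/sys/class/net}"
PROC_BRIDGE="${PROC_BRIDGE:-/proc/sys/net/bridge}"

# is_bridge_port IFACE: true when IFACE is enslaved to a bridge.
is_bridge_port() {
    [ -d "$SYSFS_NET/$1/brport" ]
}

# bridge_of IFACE: print the name of the bridge IFACE is a port of.
bridge_of() {
    basename "$(readlink "$SYSFS_NET/$1/brport/bridge")"
}

# bridge_nf_enabled: true when bridged frames are handed to iptables at all.
# The file is absent when bridge netfilter support is not loaded.
bridge_nf_enabled() {
    [ "$(cat "$PROC_BRIDGE/bridge-nf-call-iptables" 2>/dev/null)" = "1" ]
}

# snat_rule IFACE ADDR: print the POSTROUTING rule to use for IFACE.
snat_rule() {
    iface=$1
    addr=$2
    if is_bridge_port "$iface"; then
        if ! bridge_nf_enabled; then
            echo "bridge-nf-call-iptables is not 1: bridged packets bypass iptables" >&2
            return 1
        fi
        # On a bridge port, -o sees the bridge device, so match the physical port.
        echo "$iface is a port of $(bridge_of "$iface"); using physdev match" >&2
        echo "iptables -t nat -A POSTROUTING -m physdev --physdev-out $iface -j SNAT --to $addr"
    else
        # Plain routed interface: the ordinary -o match applies.
        echo "iptables -t nat -A POSTROUTING -o $iface -j SNAT --to $addr"
    fi
}

# Usage: snat_rule eth1 192.168.0.21
```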


