Le ven 14/05/2004 à 17:22, Christian E. López Finnberg a écrit : > So the only resting step is to translate 192.168.x.1 to 192.168.55.1 in the > apropiate interface (In a POSTROUTE way), but I dont > see a form to do this. :-( I see your point. You can't change destination in POSTROUTING, so your approach is not appropriate. You should implement policy routing against Netfilter mark : iptables -t mangle -A PREROUTING -d 192.168.2.1 \ -j MARK --set-mark 0 iptables -t mangle -A PREROUTING -d 192.168.2.1 \ -j DNAT --to 192.168.55.1 Then, set policy routing as explained in LARTC[1] using iproute2 : echo 200 ippp0 >> /etc/iproute2/rt_tables ip rule add fwmark 0 table ippp0 ip route add default dev ippp0 table ippp0 Do the same for every route you have, or script in a loop. [1] http://lartc.org/ -- http://www.netexit.com/~sid/ PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE >> Hi! I'm your friendly neighbourhood signature virus. >> Copy me to your signature file and help me spread!
