On Tue, 2004-06-15 at 01:35, ads nat wrote: > Hi, > I am using Redhat Linux 9.0 with Iptables iptables > v1.2.7a. > I am trying to apply this rule for diverting trafic. > "eth1" is LAN interface for subnet 192.168.0.0/24 > ########## > [root@xxx root]# iptables -t nat -A PREROUTING -s > 192.168.0.2-192.168.0.10 -i eth0 -p tcp -j DNAT --to > 10.0.0.2:80 > iptables v1.2.7a: host/network > `192.168.0.2-192.168.0.10' not found > Try `iptables -h' or 'iptables --help' for more > information. > ########## > > It seems it does not accept multipal source addresses. > I sther any other wat do achieve this. > Thanks for support. <snip> You can either apply the iprange patch from patch-o-matic or, if you do not want to or cannot patch, break it into several rules using subnets. I've used SubnetCreator (http://subnetcreator.sourceforge.net) to help calculate subnets from ranges, e.g., 192.168.0.2/31 192.168.0.4/30 192.168.0.8/31 192.168.0.10/32 -- John A. Sullivan III Chief Technology Officer Nexus Management +1 207-985-7880 john.sullivan@xxxxxxxxxxxxx --- If you are interested in helping to develop a GPL enterprise class VPN/Firewall/Security device management console, please visit http://iscs.sourceforge.net
