El miÃ, 01 de 09 de 2004 a las 09:59, Tomek Macioszek escribiÃ: > Hi > I have my FIREWALL BOX with address 4.3.2.1 (eth0) and local address 192.168.10.0/24. > Now I have SNAT: > iptables -t nat -A POSTROUTING -s 192.168.10.0/24 -o eth1 -j SNAT --to 4.3.2.1 > I would like to make SNAT with i.e two external address. > iptables -t nat -A POSTROUTING -s 192.168.10.0/28 -o eth1 -j SNAT --to 4.3.2.1 > iptables -t nat -A POSTROUTING -s 192.168.10.128/28 -o eth1 -j SNAT --to 4.3.2.2. It is good solution? Should I make alias for eth0 with address 4.3.2.2? Yes, it's a good solution, and you can use --to more than once in the same rule. Check iptables -j SNAT --help. You should have an alias for the IP if you need routing through the IP, not only for the SNAT. > Thanks for help and sorry for my English. > Best regards > T. -- Jose Maria Lopez Hernandez Director Tecnico de bgSEC jkerouac@xxxxxxxxx bgSEC Seguridad y Consultoria de Sistemas Informaticos http://www.bgsec.com ESPAÃA The only people for me are the mad ones -- the ones who are mad to live, mad to talk, mad to be saved, desirous of everything at the same time, the ones who never yawn or say a commonplace thing, but burn, burn, burn like fabulous yellow Roman candles. -- Jack Kerouac, "On the Road"
