Hi, > I'm kinda new at this iptables thing. I've been running into a problem > with trying to NAT for a class C subnetted class A network...i.e. > 10.168.1.0/24. The syntax I've been using is as follows -- $ipt -t nat > -A POSTROUTING -o $outside -j SNAT -to-source $lan, with the variable > $lan = "10.168.1.0/24". Everytime I've ran the script I get the > following error <iptables v.x.x.x Bad IP Address. Can anyone please > help me with the proper syntax to make this work? I've tried various > options such the one above, also including the whole subnetmask and > playing around with different delimitation options, nothing seems to > work. I think you have to give the IP Address of the $outside Interface to --to-source (not a network Address) Are you trying to reach the Internet from your local net?? then the follwing should work:$ipt -t nat -A POSTROUTING -o $outside -j SNAT -to-source $outsideIP If you dont have a static IP use -j MASQ hth Andreas Grabner
