-----Original Message----- From: /dev/rob0 <rob0@xxxxxxxxx> To: netfilter@xxxxxxxxxxxxxxxxxxx Date: Wed, 31 Aug 2005 06:37:33 -0500 Subject: Re: Source NAT > On Wednesday 2005-August-31 06:18, Jimmy wrote: > > I currently have a situation that I am hoping iptables can resolve. > > The issue is that I need to NAT the source address based on the > > destination address. Is that possible with IPTables ? > > Trivial. > > > if dst = 1.1.1.1 src = 10.1.1.1 > > iptables -vt nat -A POSTROUTING -d 1.1.1.1 -j SNAT -to 10.1.1.1 why -vt? this rule confused me, I'm a begginer; what about iptables -t nat -A POSTROUTING -s 10.1.1.1/24 -j SNAT --to 1.1.1.1 or iptables -t nat -A POSTROUTING -o eth0 -s 10.1.1.1/24 -j SNAT --to 1.1.1.1 > > > Can anyone give me any advice on completing that? > > "man iptables" > > Order matters. If you have a catchall SNAT rule before the specific > destination ones, the catchall is the one used. > > NAT != routing. If your SNAT'ed IP addresses need to go out different > interfaces, this won't work. See the LARTC HOWTO. > -- > mail to this address is discarded unless "/dev/rob0" > or "not-spam" is in Subject: header
