> -----Original Message----- > From: netfilter-bounces@xxxxxxxxxxxxxxxxxxx > [mailto:netfilter-bounces@xxxxxxxxxxxxxxxxxxx]On Behalf Of /dev/rob0 > Sent: Wednesday, November 09, 2005 10:18 AM > To: netfilter@xxxxxxxxxxxxxxxxxxx > Subject: Re: ftp conntrack - nat problem > > In general if you have a static IP (as in "not changing ever", not "you > pay the ISP more and get custom rDNS") the SNAT target is better. Hi Rob, When you say the SNAT target is better. Can you quantify 'better?' Are there any functional limitations overcome by SNAT over the MASQUERADE target? Cheers, -pablo
