This link may have an answer. I haven't read the entire thing but, it talks about netfilter and the iproute2 utility. http://www.policyrouting.org/PolicyRoutingBook/ONLINE/CH08.web.html It's an online copy of a book (I have the hard copy). It's a very good book. Policy Routing With Linux - Online Edition by Matthew G. Marsh http://www.policyrouting.org/PolicyRoutingBook/ONLINE/TOC.html -- kelly http://home1.gte.net/res0psau/index.html#Hang-Gliding-Stuff -- -- \ / \/ /\ / \ -- -- Quoting David Sims <dpsims@xxxxxxxxxx>: Hi, I want to use Linux to do NAT between some 192.168.x.x addresses in a routed network on one side and a single 10.0.0.x/24 on the other side. I want to do one-to-one NAT but in a dynamic way... such that a calling address is NATed into the next available 10.0.0.x/24.... in a round robin sort of way... IS there a way to do this using NETFILTER?? If not NETFILTER, then how?? This sort of thing is common in many-to-one NAT (port-address translation)... but I need each call to come from a separate NATed IP address to support my application (TN3270 session)... It's OK to reuse addresses after a call (session) is complete, but each session needs to come from it's own fixed (for the duration of the session) IP address.... The exact application that I am trying to support is connecting to an IBM mainframe from random hosts in a routed network via an Attachmate gateway where calling addresses are mapped into terminal sessions on a 1:1 basis.... Port address translation won't work because all calls appear to eminate from the single IP address.... I need to do 1:1 NAT but only on a temporary basis where once a call is complete the NAT address can be used by another caller... Clues? Suggestions? Examples? TIA, Dave _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
