My apologies. In the diagram: System A: Client System B: Proxy System C: Server Brian Andrus -----Original Message----- From: netfilter-bounces@xxxxxxxxxxxxxxxxxxx [mailto:netfilter-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Pascal Hambourg Sent: Friday, February 09, 2007 9:01 AM To: netfilter@xxxxxxxxxxxxxxxxxxx Subject: Re: Iptables proxy to a different network Andrus, Mr. Brian (Contractor) a écrit : > > So to properly do this, I _must_ SNAT the connection It is a possibility. > and route them back from system C via system B? "Or", not "and". If you SNAT, the return traffic will be routed properly. > Diagram: > > +---------------+ > | System A | > +-------+-------+ > | > {===============} > { Internet } > {===============} > | > +---------------+ +---A.B.C.x-----+ > | Router +--------| System B + > +-------+-------+ +---------------+ > | > +-------+-------+ > | System C | > +---X.Y.Z.x-----+ This is getting complicated... In your first message, you said that A (the proxy) was a.b.c.1 and B (the server) was x.y.z.1. In this diagram, where are the client, the proxy and the server ?
