Hi all,

I've been using NAT for my home network (a single /24 RFC1918 address range) and it has been working well; however, I've recently tried NATing a more complex environment as follows:

Linux Machine:
    Internal Interface: 192.168.1.50/30 -> 192.168.1.49/30
    External Interface: 81.179.30.111/24

Now, connected off the internal interface is a whole network consisting of several subnets all linked off each other - i.e. they are not directly connected to the Linux machine.

The problem I have is that the NAT on the Linux box is only actually NATing traffic that comes directly from 192.168.1.49 - the first upstream router. Any traffic from, for example, 192.168.2.0/24 won't get NATed to 81.179.30.111 as expected. I can see this with tcpdump - traffic from the directly connected router gets NATed, other traffic is seen (so it's not a routing issue), it's just not being NATed.

I am using kernel 2.6.18 and this is the rule I'm using for iptables:

    iptables --table nat -A POSTROUTING -o eth0 -j SNAT --to-source 81.179.30.111

Is there anything I am missing with this configuration? Is there some limitation with doing NAT that only allows directly connected subnets to be NATed?

Any help or suggestions will be much appreciated as I've tried all configurations that I can think of and I'm at my limit now.

--
Brad.