> No, you do not want to DNAT to SOURCE-IP. You want to do something > like > the following: > > On DEBIAN, you would want to do something like the following: > > # Redirect traffic originally to DEBIAN to be to DESTINATION > iptables -t nat -A PREROUTING -d DEBIAN-IP -j DNAT --to-destination > DESTINATION-IP > # SNAT DNATed traffic from DEBIAN to DESTINATION to be from DEBIAN > iptables -t nat -A POSTROUTING -d DESTINATION-IP -j SNAT --to-source > DEBIAN-IP > > SOURCE ---> DEBIAN ---> DESTINATION ---> DEBIAN ---> SOURCE Thanks this worked like a charm! - To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
