Hello,

I am trying, with success, to build a NAT using the MASQUERADE target.

I have a machine with two interfaces. eth0 has an internal IP of 192.168.0.45 (internal network). eth1 is 10.0.0.1 (also an internal network).

On this machine I run this:

    iptables -A POSTROUTING -t nat -o eth0 -s 10.0.0.0/24 -d 0/0 -j MASQUERADE
    iptables -A FORWARD -i eth1 -j ACCEPT

I have a second machine, 10.0.0.189. This machine is connected directly to 10.0.0.1 (I can ping 10.0.0.1). It has only one NIC. On this machine, the default gw is 10.0.0.1.

Now, when I send a UDP packet from 10.0.0.189 to a different machine on the 192.168.0 network (for example, 192.168.0.10), it goes through the NAT on 10.0.0.1. I see that the source and destination UDP ports stay the same in the sender **and** in the receiver.

When dealing with real NAT (when one side has an external IP address), then the UDP **source** port is changed by the NAT, and it is not the same on the receiver and the sender.

My question is: how should I configure the rules so that the UDP source port will be changed by the NAT, so it will not be the same on the receiver and the sender?

rgs,
Mark
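
An added example, not part of the original post: a rule set for the setup described above in which the UDP rule uses the MASQUERADE options `--to-ports` and `--random`, so the NAT picks the source port instead of preserving it when it is free. The interfaces and the 10.0.0.0/24 network are taken from the post; the port range 40000-50000 and the `run` and `nat_rules` helper names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post).
# Values taken from the post:
LAN_NET="10.0.0.0/24"      # network behind eth1
OUT_IF="eth0"              # interface the masqueraded traffic leaves on
IN_IF="eth1"               # interface the 10.0.0.0/24 hosts arrive on
# Assumption: any unused high range will do.
PORT_RANGE="40000-50000"

# Hypothetical helper: prints each command by default; set APPLY=1 (as root)
# to execute the commands instead of printing them.
run() {
    if [ "${APPLY:-0}" = "1" ]; then
        "$@"
    else
        echo "$*"
    fi
}

nat_rules() {
    # Plain MASQUERADE keeps the original source port whenever that port is
    # not already in use on the outgoing address, which is why sender and
    # receiver saw the same port. --to-ports confines the mapped port to a
    # range and --random makes the kernel choose a port from it at random
    # rather than keeping the original one. --to-ports requires a protocol
    # match, hence -p udp. A random pick can still equal the original port
    # if that port lies inside the range.
    run iptables -t nat -A POSTROUTING -o "$OUT_IF" -s "$LAN_NET" -p udp \
        -j MASQUERADE --to-ports "$PORT_RANGE" --random

    # Everything that is not UDP falls through to the original rule.
    # Order matters: the first matching rule in the chain wins.
    run iptables -t nat -A POSTROUTING -o "$OUT_IF" -s "$LAN_NET" -j MASQUERADE

    # Forwarding rule from the post, unchanged.
    run iptables -A FORWARD -i "$IN_IF" -j ACCEPT
}

nat_rules
```

After applying the rules, the mapping can be checked on the NAT box with `conntrack -L -p udp`, where the reply tuple shows the translated source port.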