On Wednesday 2010-08-04 00:06, Timothy Hayes wrote: >I added the range of addresses with ip addr add x.x.x.# dev eth0 > >and setup a snat rule: >iptables -A POSTROUTING -o eth0 -p tcp --dport 80 -j SNAT --to-source >xx.xx.xx.131-xx.xx.xx.250 > >translation works fine, but I never seem to get an alternate ip from the >range. IIRC the algorithm tries to give you the same source address for a given source address. (I hear that banking sites and other sensitive stuff can get unhappy if your externally visible address suddenly changes.) -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
