On Thursday 2011-07-28 14:00, Pandu Poluan wrote:
>On Thu, Jul 28, 2011 at 17:05, Kumar Swamy <kswamy@xxxxxxxxxxxxx> wrote:
>> Hello folks,
>>
>> I am a newbie to iptables and experimenting with some stuff. So please excuse me if this has already been discussed.
>>
>> I have a Linux gateway which has a physical interface (eth0) and multiple virtual interfaces (eth0:1, eth0:2), each has a dynamic IP configured.
>> I want to create an iptables rule for IP masquerading on eth0, but packets going out on other interfaces should be left untouched. Is this possible?
>>
>> I tried
>> -A POSTROUTING -o eth0 -j MASQUERADE
>> But it seems packets going out on virtual NICs (aliases) are also hitting this rule.
>> Is there any way to solve this problem without using SNAT? Since I have the IP address configured dynamically, there is no easy way to do SNAT.
>>
>
>How does the routing work? I.e., when does a packet exit through eth0
>or eth0:1 or eth0:2?

Routing only accepts eth0 because, again, eth0:1 as shown by braindead programs is not an interface.
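The point of the reply above, as an added example that is not part of the original thread: alias names such as eth0:1 are labels attached to addresses on the single device eth0, and the `-o` match in the MASQUERADE rule compares against the device. The `ip -o -4 addr show` output below is a constructed sample using documentation addresses, and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample of `ip -o -4 addr show` output (addresses are
# documentation ranges, not taken from the thread). Field 2 is the device;
# the address label is the field that ends with a backslash.
sample_ip_output() {
cat <<'EOF'
1: lo    inet 127.0.0.1/8 scope host lo\       valid_lft forever preferred_lft forever
2: eth0    inet 192.0.2.10/24 brd 192.0.2.255 scope global dynamic eth0\       valid_lft 3000sec preferred_lft 3000sec
2: eth0    inet 198.51.100.7/24 brd 198.51.100.255 scope global eth0:1\       valid_lft forever preferred_lft forever
2: eth0    inet 203.0.113.9/24 brd 203.0.113.255 scope global eth0:2\       valid_lft forever preferred_lft forever
EOF
}

# Print the device that actually carries the address labelled $1.
device_of_label() {
    sample_ip_output | awk -v want="$1" '
        { for (i = 3; i <= NF; i++)
              if ($i ~ /\\$/) {
                  lbl = $i; sub(/\\$/, "", lbl)
                  if (lbl == want) print $2
              } }'
}

# Print every address label that lives on device $1, space separated.
labels_on_device() {
    sample_ip_output | awk -v dev="$1" '
        $2 == dev {
            for (i = 3; i <= NF; i++)
                if ($i ~ /\\$/) {
                    lbl = $i; sub(/\\$/, "", lbl)
                    out = out (out ? " " : "") lbl
                }
        }
        END { print out }'
}

# All three labels resolve to the one device that "-o eth0" matches on.
echo "labels on eth0: $(labels_on_device eth0)"
echo "eth0:1 is carried by: $(device_of_label eth0:1)"
```
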