Hello, Al Grant a écrit : > > I have a network that is setup in the following way: > > www.dropbox.com/s/dt7q9owe5y997ug/Drawing1%20%282%29.jpg > > As you can see in the drawing I am trying to access a SMB share over a > port forward (DNAT). The issue is that the source address does not get > changed on the packet and when 192.168.150.100 goes to reply to > 192.168.0.101 it drops the packet as it does not know where to send > it. > > I need to add a SNAT rule to iptables in the Air Router. > > I am not good with iptables but think it would be something like: > > iptables -t NAT -A POSTROUTING -o Br0 -J SNAT --to-source 192.168.150.243 > > This should change the source of the packet to 192.168.150.243. Yes, except for the multiple case typoes (NAT -> nat, -J -> -j, and I suspect, Br0 -> br0), if the packets reach that rule. > I KNOW there are better ways to do it with new hardware etc, but there > constraints on solving this problem such that I need to NAT/SNAT. Can't you just add the proper routes on the hosts and/or routers ? -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
