try the following command...substitute in your subnet for the 192 subnet. /sbin/iptables -t nat -A POSTROUTING -s 192.168.0.0/16 -d ! 192.168.0.0/16 -j MASQUERADE Adam Gilstrap agilstrap@xxxxxxxxxxxxxxxx Hi All, I used iptables-1.2.9 on my firewall, but when i accessed site like : http://www.slac.stanford.edu/cgi-bin/nph-traceroute.pl the browser show my private address that used on my PC not public address on my firewall, like this : You are about to request a traceroute that may be interpreted as an 'attack' from www.slac.stanford.edu, by a firewall protecting your browser: 10.62.22.201 (host with no DNS entry). Have you read the description above and is it OK to proceed? What shoud I do in order to make the destination detect only my public address ? I used this command line ; iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source <Public_Address> Regards, Fendi ------------------------------------------------------------------------ To unsubscribe email security-discuss-request@xxxxxxxxxxxxxxxxx with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ To unsubscribe email security-discuss-request@xxxxxxxxxxxxxxxxx with "unsubscribe" in the subject of the message.
