Per-client NAT routing -- possible?

Jeremy Elson jelson at gmail.com
Thu Mar 23 03:49:36 CET 2006


[ Sent before I subscribed - I think it was silently dropped. 
Apologies if you get 2. ]


Hi,

I'm trying to set up a Linux box as a NATting router.  But here's the
trick: my box's external interface is on a LAN that has a whole bunch
of routers on it, any of which can be used to access the Internet.
I'm trying to figure out how to configure iptables so that the NAT box
selects the router to use based on client IP address (i.e., the IP
address on the inside interface).

I've been tinkering with a command like this:

iptables -t nat -A POSTROUTING -s $INTERNAL_CLIENT_IP -o external-iface0 -j SNAT --to $EXTERNAL_ROUTER_IP

...but it seems that --to controls the new source address given to the
packet (i.e., the router's outside-interface IP), and not the
destination to which the NATted packet is sent.

Could someone please point me in the right direction?  Or is this not possible?

Thanks!

--Jeremy
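The distinction the post runs into is that SNAT in POSTROUTING only rewrites the packet's source address; the choice of next-hop router is a routing decision, made by the route lookup that happens after PREROUTING. Per-client router selection is therefore done with policy routing: mark packets by source address in the mangle table's PREROUTING chain, map each mark to its own routing table with `ip rule`, and give each table a different default gateway. The script below is an added example, not code from the original post or from the netfilter project; it prints the commands rather than executing them, so it can be inspected offline. The interface names (eth1 inside, eth0 outside), router addresses (10.0.0.1, 10.0.0.2), the box's own external address 10.0.0.50 and the client networks are all constructed values.

```shell
#!/bin/sh
# Added example: generate per-client policy-routing rules for a Linux NAT box
# whose external LAN has several upstream routers. Clients in one internal
# network are sent via one chosen router; a second network via another.
# All names and addresses below are constructed assumptions, not real config.

# emit_rules TABLE CLIENT_NET GATEWAY IN_IF OUT_IF SNAT_IP
# Prints (does not run) the four commands for one client group. TABLE is used
# both as the routing-table id and as the fwmark value, so it is kept within
# 1..252 (253 default, 254 main and 255 local are reserved table ids).
emit_rules() {
    table="$1"; client_net="$2"; gw="$3"; in_if="$4"; out_if="$5"; snat_ip="$6"
    case "$table" in
        ''|*[!0-9]*) echo "emit_rules: table id must be numeric" >&2; return 1 ;;
    esac
    if [ "$table" -lt 1 ] || [ "$table" -gt 252 ]; then
        echo "emit_rules: table id must be 1..252 (253-255 are reserved)" >&2
        return 1
    fi
    cat <<EOF
ip route add default via $gw dev $out_if table $table
ip rule add fwmark $table lookup $table
iptables -t mangle -A PREROUTING -i $in_if -s $client_net -j MARK --set-mark $table
iptables -t nat -A POSTROUTING -o $out_if -s $client_net -j SNAT --to-source $snat_ip
EOF
}

# Constructed mapping: "client-network upstream-router", one pair per line.
CLIENT_MAP="192.168.1.0/24 10.0.0.1
192.168.2.0/24 10.0.0.2"

# emit_all prints the complete rule set, assigning table ids from 101 upward.
# The while loop runs in a subshell (pipeline), so a failure exits that subshell
# and the pipeline status becomes non-zero.
emit_all() {
    t=101
    printf '%s\n' "$CLIENT_MAP" | while read -r net gw; do
        [ -n "$net" ] || continue
        emit_rules "$t" "$net" "$gw" eth1 eth0 10.0.0.50 || exit 1
        t=$((t + 1))
    done
}

# Stand-alone run: show the generated commands. Pipe into sh on the router
# once the values have been adapted to the real network.
emit_all
```

The mark has to be applied in mangle PREROUTING, because that is the only hook before the route lookup that decides which router the packet is forwarded to; marking in POSTROUTING would be too late. Reply traffic from either router arrives at the same external address (10.0.0.50 in this example), so connection tracking can reverse the SNAT without any per-router rule. If different upstream routers require different source addresses, vary the SNAT_IP argument per group rather than the `--to` of a single rule, which is the part of the original command that cannot select a router.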



More information about the netfilter-devel mailing list