[PATCH] iptables gateway match
Patrick McHardy
kaber at trash.net
Fri Jun 1 18:52:00 CEST 2007
Amin Azez wrote:
> This adds a gateway match to iptables that lets you match against the
> routed ipv4 gateway, it's very useful for SNAT if you want to avoid
> replicating your routing in your SNAT table.
>
> e.g.
>
> iptables -t nat -A POSTROUTING -m gateway --nexthop 172.16.1.1 -j SNAT
> --to-address 172.16.1.5
> iptables -t nat -A POSTROUTING -m gateway --nexthop 192.168.1.1 -j SNAT
> --to-address 192.168.1.25
I'm wondering whether we really need a new match for this. It should
be possible to do the same using routing realms and the realm match.
More information about the netfilter-devel
mailing list