ipnatctl: exclude addresses

Harry Holt hholt@home.com
Thu, 23 Sep 1999 01:43:58 -0400

At 02:20 PM 9/23/1999 +1000, Horms wrote:
>  I am looking to use ipnatctl to redirect port 80 traffic to port
>8080 on a proxy server. So I put in a rule along the lines of:
>/sbin/ipnatctl -I -p tcp -d --dport 80 -b dest -t
--to-port 8080
>Problem is that the proxy servers outbound traffic has to 
>travel though this router too and this rule will
>basically redirect the proxy's retrieval attempts back to
>itself. Right?
>Is there a way to exclude some hosts from the NAT, possibly
>by looking at the source interface?
>As it happens in this case the address which the proxy server sits on
>will be masqueraded using:
>/sbin/ipnatctl -I -s -b source -m masquerade
>Perhaps a noop mapping should exist.

What happens if you also do:

ipnatctl -I -p tcp -s -b dest

... HH