MASQ without forwarding?
Thu, 31 Jan 2002 20:21:45 +0000
I am running MASQUERADING for my local class C subnet using a Linux box,
with the following command;
$IPT -t nat -A POSTROUTING -o ppp+ --source $MY_NET -destination $ANYWHERE
However I want to run MASQUERADING without having to have ip_forwarding
enabled. Is there a simple way to do this?
I have tried changing the above rule to;
$IPT -t nat -A PREROUTING -i eth0 --source $MY_NET --destination !
$FW_BOX,$MY_NET -j MASQUERADE
However this does not work.
I also note that the first rule above, requires the machines being MASQ'ED
to have the ability to send a recieve traffic through the FORWARD table.
Why is this so? Does IPTables start the new connection via the MASQUERADE
rule with all subsequent data travelling through the FORWARD rule?
If this is all covered in a tutorial somewhere please point me in that
direction, I have been unsucessful in locating it thus far.
Send and receive Hotmail on your mobile device: http://mobile.msn.com