ip alias
Aleksandar Milivojevic
amilivojevic at pbl.ca
Tue Sep 28 15:56:58 CEST 2004
John Black wrote:
> but the traffic from 192.168.1.23 that i need to go to the internet i would
> like to
> have addressed as 161.31.31.23
You need SNAT (source NAT), not DNAT (destination NAT). I'll assume
eth0 has address 161.31.31.23:
iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source 161.31.31.23
or if eth0 has dinamically allocated IP address:
iptables -t nat -A POSTROUTING -o eth0 -j MASQUARADE
I'm not sure why you are assigning local IP address as an alias to your
external interface (probably something you haven't mentioned), so I
wan't comment on whether it is needed or not. Also, in case when you
have multiple IP addresses (aliases) assigned to an interface, I'm not
sure exactly how MASQUERADE target behaves. man iptables for more
details and differences between SNAT and MASQUERADE targets.
--
Aleksandar Milivojevic <amilivojevic at pbl.ca> Pollard Banknote Limited
Systems Administrator 1499 Buffalo Place
Tel: (204) 474-2323 ext 276 Winnipeg, MB R3T 1L7
More information about the netfilter
mailing list