DNAT/SNAT question

Jason Opperisano opie at 817west.com
Thu Apr 14 19:57:23 CEST 2005

On Thu, Apr 14, 2005 at 10:49:30AM -0700, Gary W. Smith wrote:
> Jason, 
> So I would do something like 
> [0:0] -A PREROUTING -d -j NETMAP --to
> Instead of:
> [0:0] -A PREROUTING -d -j DNAT --to-destination


> And 
> [0:0] -A POSTROUTING -d -j NETMAP --to

change that to:  -s ...

> Instead of:
> [0:0] -A POSTROUTING -o eth0 -s -j SNAT --to-source
> And 
> [0:0] -A OUTPUT -d -j NETMAP --to OUTPUT

get rid of the wayward "OUTPUT"

> Instead of:
> [0:0] -A OUTPUT -d -j DNAT --to-destination
> Is this correct?

aside from what appears to be some errant copy & paste details, yes.

> Please note, not valid external IP's...



"Peter: This party couldn't be better if Jesus was here.
 Jesus: For my next miracle, I will turn water... into FUNK."
        --Family Guy

More information about the netfilter mailing list