iptables nat problem bouncing through interfaces
 

I have 2 interfaces (only one wan facing) with public ip addressing. when i nat to the outside network, inside routed networks work fine, but when i nat to the inside interface the routed networks no longer work. That is too say when I nat to an inside ip, I appear natted, and not routed, to routed ip.

My question relates to iptables: How to I say 'nat everything but the routed networks'?

I have found that -d ! x.routed.1.x/x works: but I would like to write the rule so that it says -d ! x.routed.1.x/x + x.routed.2.x/x

Can anyone shed some light??

Nat outside, working routed net:

This works and I get 1 routed network (I have to drop the -i to make it work - why?):

I would like something like this:
thnx in advance..

Your rules are not clear. Have you 192.x.x.x/x in outside and in inside networks?
Why not use -o?
You can use the `-j ACCEPT' target to let a connection through for x.routed.1.x/x and x.routed.2.x/x without any nat taking place.
or try try chains.

inside.

my bad, meant -o; -i is dnat,

So there's no 'simple' way? I have to write individual rules for all the networks? This is the only rule i have in iptables..

I guess im really asking how to put 'and' in iptables: -d ! x + x

There is no AND operator, you need multipe rules:
I am correct in saying that you have subnets with public IP addresses both sides of the router under discussion, and that NAT should only apply to traffic between the subnet with private IP addresses and the Internet - not between your subnets.