I have 2 interfaces (only one WAN facing) with public IP addressing. When I NAT to the outside network, the inside routed networks work fine, but when I NAT to the inside interface the routed networks no longer work. That is to say, when I NAT to an inside IP, I appear NATed, and not routed, to the routed IP.
My question relates to iptables: how do I say 'NAT everything but the routed networks'?
I have found that -d ! x.routed.1.x/x works, but I would like to write the rule so that it says -d ! x.routed.1.x/x + x.routed.2.x/x
Can anyone shed some light?
NAT outside, working routed net:
Code:
iptables -t nat -A POSTROUTING -i x.outside.eth.x -s 192.x.x.x/x -j SNAT --to x.outside.eth.ip
This works and I get 1 routed network (I have to drop the -i to make it work - why?):
Code:
iptables -t nat -A POSTROUTING -s 192.x.x.x/x -d ! x.routed.1.x/x -j SNAT --to x.inside.eth.ip
I would like something like this:
Code:
iptables -t nat -A POSTROUTING -s 192.x.x.x/x -d ! x.routed.1.x/x + x.routed.2.x/x \
-j SNAT --to x.inside.eth.ip
Thanks in advance.
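One way to express "SNAT everything except the routed networks" for any number of networks, as an added example that is not part of the original post: iptables does not accept a negated -d with a list of networks, so each routed network gets its own RETURN rule placed ahead of the SNAT rule, and because POSTROUTING runs after the routing decision only -o (not -i) is a valid interface match there. All addresses and the interface name below are constructed sample values.

```shell
#!/bin/sh
# Added example (not from the original post). Emits the nat/POSTROUTING rules
# that SNAT a LAN range to the inside interface address while leaving traffic
# to any number of routed networks untouched.
LAN=192.168.1.0/24                          # constructed: internal range to NAT
INSIDE_IF=eth1                              # constructed: inside interface name
INSIDE_IP=203.0.113.1                       # constructed: inside interface address
ROUTED="198.51.100.0/24 203.0.113.128/25"   # constructed: routed nets to exclude

# Print the iptables commands instead of running them, so the rule set can be
# reviewed first; pipe the output to sh to apply it.
snat_rules() {
    lan=$1; out_if=$2; snat_ip=$3; shift 3
    # One RETURN per routed network: a matching packet leaves the chain before
    # it reaches the SNAT rule, so it is routed with its real source address.
    for net in "$@"; do
        printf 'iptables -t nat -A POSTROUTING -o %s -s %s -d %s -j RETURN\n' \
            "$out_if" "$lan" "$net"
    done
    # Everything else from the LAN leaving this interface is NATed. Order
    # matters: this rule must come after all the RETURN rules.
    printf 'iptables -t nat -A POSTROUTING -o %s -s %s -j SNAT --to-source %s\n' \
        "$out_if" "$lan" "$snat_ip"
}

# Usage: generate the rules for the constructed sample values above.
snat_rules "$LAN" "$INSIDE_IF" "$INSIDE_IP" $ROUTED
```

Adding a third routed network is then just another entry in ROUTED rather than a new rule syntax.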