Some problems with NAT in iptables
I tried to do a job with NAT in iptables. I want to achieve the effect that if a source IP from the intranet wants to access the networks outside, it must be changed.
For example, the source IP is 192.168.1.2 and the destination IP is 192.168.2.1. If the source IP wants to access 192.168.2.1, it must become 192.168.2.2 or another address. And my problem is here: when 192.168.2.2 has no corresponding MAC address, 192.168.1.2 can't access 192.168.2.1. That seems normal, because 192.168.2.1 can't find the MAC address of 192.168.2.2. I want to know: must the changed IP of the NAT have a corresponding MAC address? If it must, and the changed IP is an IP range (e.g. 192.168.2.1--192.168.2.10), must each of those IPs have a corresponding MAC address? That would be troublesome. Sorry, my English is so bad, and I hope that you can understand what I said. I look forward to your reply. Thank you!
Hi,
It sounds like you should look into masquerading / mangle. You can do what you're wanting a few ways.
Code:
iptables -t nat -A POSTROUTING -o <your interface> -j MASQUERADE
The other way: Using Mangle
Code:
# SNAT to a pool of addresses; a range is written first-last with a hyphen
iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source 192.168.2.1-192.168.2.10
Hope it helps.
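Added example, not part of the original thread: the question's ARP point in script form. When the SNAT pool lies in the outgoing interface's own subnet, the NAT host has to answer ARP for every translated address, and adding each one to the interface as a /32 is one common way to get that. The interface eth0 and the pool 192.168.2.2-192.168.2.10 are assumptions based on the thread's sample values (the pool starts at .2 so it does not include the destination 192.168.2.1); the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the thread. eth0 and the pool are assumed values.
# Prints the commands by default; run with APPLY=1 as root to execute them.

# Dotted quad -> 32-bit integer (subshell body keeps the IFS change local).
ip_to_int() (
    IFS=.
    set -- $1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# 32-bit integer -> dotted quad.
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Show the command; execute it only when APPLY=1.
run() {
    echo "$*"
    if [ "${APPLY:-0}" = 1 ]; then "$@"; fi
}

# snat_pool IFACE FIRST LAST
snat_pool() {
    iface=$1
    first=$(ip_to_int "$2")
    last=$(ip_to_int "$3")
    if [ "$first" -gt "$last" ]; then
        echo "error: range start is after range end" >&2
        return 1
    fi
    # Make every pool address local to the NAT host so the kernel answers
    # ARP requests for it; without this, replies to the translated source
    # never find a MAC address.
    i=$first
    while [ "$i" -le "$last" ]; do
        run ip addr add "$(int_to_ip "$i")/32" dev "$iface"
        i=$((i + 1))
    done
    # Rewrite the source of traffic leaving IFACE to an address from the pool.
    run iptables -t nat -A POSTROUTING -o "$iface" -j SNAT --to-source "$2-$3"
}

snat_pool eth0 192.168.2.2 192.168.2.10
```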