Hi everyone,
I'm having some trouble with NAT in my gateway.
For the 10.13.0.0/16 network, I do not want to apply NAT through the gateway. However, the way it is configured, it is applying SOURCE NAT to traffic coming from 10.13.0.0/16 and changing the source IP address to 8.8.8.1.
For example, when pinging from 10.13.0.11 to 10.101.14.1 (passing through the gateway, which is also a router in this case), SNAT is applied and the IP packet gets changed to:
--------------------------------
| source address : 8.8.8.1_____|
--------------------------------
| dest. address_ : 10.101.14.1 |
--------------------------------
NAT's configuration in gateway/router:
Code:
iptables -t nat -A POSTROUTING -d 8.8.8.0/24 -o $EXTERNAL -j RETURN
iptables -t nat -A POSTROUTING -d 10.0.0.0/8 -o $EXTERNAL -j RETURN
iptables -t nat -A POSTROUTING -o $EXTERNAL -j LOG
iptables -t nat -A POSTROUTING -s 10.11.0.0/16 -d ! 8.8.8.0/24 -j SNAT --to-source 8.8.8.41
iptables -t nat -A POSTROUTING -s 10.12.0.0/16 -d ! 8.8.8.0/24 -j SNAT --to-source 8.8.8.42
iptables -t nat -A POSTROUTING -d ! 8.8.8.0/24 -j SNAT --to-source 8.8.8.1
So, I don't want to apply SNAT to traffic coming from 10.13.0.0/16.
How can I add this SNAT exception?
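
An added example, not part of the original post: a small Python model of first-match evaluation over the POSTROUTING rules quoted above, run against the 10.13.0.11 to 10.101.14.1 packet. The interface names `eth0` and `eth1` and the `-s 10.13.0.0/16 -j RETURN` exception rule are assumptions, not taken from the post.

```python
import ipaddress

EXTERNAL = "eth0"  # assumed interface name; the post only shows $EXTERNAL

def rule(target, src=None, dst=None, not_dst=None, out=None, to=None):
    net = lambda cidr: ipaddress.ip_network(cidr) if cidr else None
    return {"target": target, "src": net(src), "dst": net(dst),
            "not_dst": net(not_dst), "out": out, "to": to}

# The six POSTROUTING rules from the post, in the order they were appended.
POST_RULES = [
    rule("RETURN", dst="8.8.8.0/24", out=EXTERNAL),
    rule("RETURN", dst="10.0.0.0/8", out=EXTERNAL),
    rule("LOG", out=EXTERNAL),
    rule("SNAT", src="10.11.0.0/16", not_dst="8.8.8.0/24", to="8.8.8.41"),
    rule("SNAT", src="10.12.0.0/16", not_dst="8.8.8.0/24", to="8.8.8.42"),
    rule("SNAT", not_dst="8.8.8.0/24", to="8.8.8.1"),  # no -s and no -o
]

# Assumed exception (not from the post): -s 10.13.0.0/16 -j RETURN, placed first.
WITH_EXCEPTION = [rule("RETURN", src="10.13.0.0/16")] + POST_RULES

def matches(r, src, dst, out):
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    return ((r["src"] is None or s in r["src"])
            and (r["dst"] is None or d in r["dst"])
            and (r["not_dst"] is None or d not in r["not_dst"])
            and (r["out"] is None or out == r["out"]))

def postrouting(rules, src, dst, out):
    """Return (source address after the chain, 1-based deciding rule or None)."""
    for i, r in enumerate(rules, 1):
        if not matches(r, src, dst, out):
            continue
        if r["target"] == "LOG":
            continue              # LOG is non-terminating: keep walking the chain
        if r["target"] == "RETURN":
            return src, i         # leaves the chain, source address untouched
        return r["to"], i         # SNAT is terminating: source is rewritten
    return src, None              # fell off the end: chain policy, no NAT

if __name__ == "__main__":
    for name, rules in (("as posted", POST_RULES), ("with exception", WITH_EXCEPTION)):
        for out in (EXTERNAL, "eth1"):  # eth1: assumed second routed interface
            print(name, out, postrouting(rules, "10.13.0.11", "10.101.14.1", out))
```

In this model the posted rules leave the packet alone when it exits via `$EXTERNAL` (the second RETURN rule matches) and rewrite it to 8.8.8.1 only when it exits another interface, because the last SNAT rule carries neither `-s` nor `-o`.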