One hop source address change
I have a really weird question, but before I ask it, I can tell you that I know the answer is *NOT* SNAT. My issue is that it's *close* to SNAT, but in actuality, it's something a little more specific than that.

What I want to do is have a packet gain an IP address of another interface for that particular hop only (i.e., it doesn't change the source address for ALL packets, just the packet forwarded through that system). If I have system 'B' with two interfaces, acting as a router, I want all packets going out port 2 (let's call it eth1) to have the address of port 1 (let's call that eth0). Normally, with SNAT, you would do: "iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to <address of eth1>". Unfortunately, this changes the source address of every packet going out of eth1, not just the particular hop.

The reason for the bizarre request is that I have a ppp bridge over vtun working between two machines, and whenever a packet goes over the bridge, it acquires the address of the bridge. Normally, this is OK, but further down the line, for the packet to return, I would have to input the routes for both the network on the far end. Being a hassle, I found that if I change the address of the packet through system 'B', I only have to specify one route, and the packet returns just as easily.

Does anyone know how to do this with iptables? All I can find is SNAT'ing, and that really mangles the packet bad, when all I need is a one-hop change.

Thanks in advance,
Ian