I tried to do a job about nat in the iptables!!i want to achive the effect that if a source ip from the intranet want to access the networks outside it must be changed !
for example,the source ip is 192.168.1.2,the destination ip is 192.168.2.1,if the source ip want to access the 192.168.2.1,it must become to 192.168.2.2 or others !

and my problem is here! when the 192.168.2.2 have no corresponding mac-address, the 192.168.1.2 can't access the 192.168.2.1!!it seems so normal because the 192.168.2.1 can't find the mac-address from 192.168.2.2 !!And I want to know that the changed ip of the nat must exist its corresponding mac-address ?
if it should exist ,and if the changed ip is the ip range(e.g:192.168.2.1--192.168.2.10),those ip must exist its corresponding mac-address?and it will be a trouble thing!!

sorry,my english is so bad!and i hope that you can understand what I said !! i look forward to your receive!!thank you!!!!

Hi,

It sounds like you should look into masquerading / mangle.

You can do what your wanting a few ways.

the above would take everything behind your nat box and apply it's ip address to it. So, if your nat box had an interface on the same subnet of your destination, it change the SOURCE IP. However, it will on change it to the IP of the interface sitting on the same subnet as the destination / interface.

The other way:

Using Mangle
That would take all traffic OUTBOUND on EHT0 and mangle it to be what ever ip range you wish to have. YOur going to need to use a few more rules though. The above example does not cover everything you will need to do. You should look into DNAT and SNAT.

Hope it helps.