Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 01-05-2005, 07:54 PM   #1
Registered: Feb 2004
Distribution: Gentoo Linux
Posts: 46

Rep: Reputation: 15
IPtables: SNAT & Aliasing

I currently have a running, funtional firewall. I have 1 external interface (eth1). I have aliased/multihomed additional external ips to that interface as well (eth1:eth1a, eth1:eth1b...etc). I have associated a few of the aliased IP's to an interal IP and the routing works fine inbound. For example, if I hit $ETH1:ETH1A I will be directed to Although, I am having problems with SNAT. When I set up a rule for all outbound traffice from to go out $ETH1:ETH1A, it just goes out eth1. When I try to specift the -o (outbound interface) as eth1:eth1a it still resuilts back to eth1. Even when I specify the aliased IP address explicitly it comes back to the ip of eth1.

Any help would be appreciated. Thanks in advance.
Old 01-05-2005, 08:44 PM   #2
Registered: Oct 2003
Location: Newport News, Va
Distribution: Debian
Posts: 246

Rep: Reputation: 30
You can't use aliases. You would need to do this.

iptables -t nat -A POSTROUTING -s -o eth1  -j SNAT --to $PUBLIC_IP_OF_ALIAS
Old 01-05-2005, 08:55 PM   #3
Registered: Feb 2004
Distribution: Gentoo Linux
Posts: 46

Original Poster
Rep: Reputation: 15
Yeah I tried that, but it did not work...I found out what the problem was though...

iptables -t nat -A POSTROUTING -s -o eth1  -j SNAT --to $PUBLIC_IP_OF_ALIAS
was entered after
MASQUERADE  all  --  
Once i reversed the order everything worked fine. Thanks for the help!


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
IPTables: DNAT, SNAT and Masquerading tarballed Linux - Security 3 12-10-2004 03:45 PM
Samba & IPTABLES & Network Drives Oh My! logicdisaster Linux - Networking 3 06-03-2004 06:07 PM
kmyfirewall & dynamic IP for POSTROUTING SNAT mpw Linux - Software 0 05-05-2004 07:12 AM
%&*#&$$ iptables modules Hangdog42 Linux - Newbie 10 03-03-2003 08:16 PM
IPTables - DNAT, SNAT, port forwarding FunkFlex Linux - Security 2 01-15-2002 07:18 PM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 12:53 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration