Re: NAT WAN IP to internal range?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

On Thursday 29 December 2011 03:12 PM, Andrew Stone wrote:
I now have:

ip address add a.b.c.240/29 dev ppp0 broadcast a.b.c.247

iptables -t nat -I PREROUTING -d a.b.c.241 -j DNAT --to-destination
iptables -t nat -I POSTROUTING -s -j SNAT --to-source a.b.c.241

iptables -t nat -A PREROUTING -d a.b.c.242 -j DNAT --to-destination
iptables -t nat -A POSTROUTING -s -j SNAT
--to-source a.b.c.242

The .69 machine correctly has .241 ... however the machines located in
the range do not have .242 ?

Is this is correct way to specify a nat range with iptables?

From 'man iptables',

In Kernels up to 2.6.10 you can add several --to-destination options. For those kernels, if you specify more than one des‐ tination address, either via an address range or multiple --to-destination options, a simple round-robin (one after another in cycle) load balancing takes place between these addresses. Later Kernels (>= 2.6.11-rc1) don't have the ability to NAT
to multiple ranges anymore.


To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at

[Linux Netfilter Development]     [Linux Kernel Networking Development]     [Linux Networking Development]     [Linux Kernel Development]     [Linux Resources]     [LARTC]     [Bugtraq]     [Consulting]     [Free Internet Dating]     [Yosemite Forum]     [Photo]

Add to Google Powered by Linux