Op 08-01-15 om 14:36 schreef Bonno Bloksma: > Hi Paul, > >>> At one place I have a Debian wheezy machine that acts as router / firewall >>> using iptables and default routing. >>> I used to have just 1 ip number on the uplink interface. And a simple >>> $IPTABLES --table nat -A POSTROUTING -o $WORLD_IF -j MASQUERADE line >>> in my firewall script sends all traffic out with that single ip addres via >>> NAT. >>> >>> Due to several reasons I now have to use more than 1 outbound ip address to >>> make clear from which internal segment the traffic is coming from. >>> So traffic coming from 172.16.20.0/24 needs to use $WORLD_IP1 And >>> traffic coming from 172.16.22.0/24 needs to use $WORLD_IP2 And maybe >>> traffic coming from 172.16.24.0/23 needs to use $WORLD_IP3 >>> >>> How do I configure something like that? >> >> Maybe by adding network aliases, and using SNAT in your firewall. >> >> See e.g. here: >> http://stackoverflow.com/questions/18052116/iptables-postrouting-with-snat-for-a-paritcular-destination-ip > > That article talks about a specific target whereas I want it for a specific > source net.
In the article he is changing the source IP, that's what you want. With regards, Paul van der Vlis. -- Paul van der Vlis Linux systeembeheer, Groningen http://www.vandervlis.nl/ -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]
