Hello, I use iptables -t nat -I POSTROUTING <packet matching options> \ -j SNAT --to-source <addr> on non-dynamic connections. I just tried, it also works with "-j MASQUERADE" in POSTROUTING. Make sure your kernel config has CONFIG_IP_NF_NAT_LOCAL=y. At least that is necessary for SNAT. The default kernel for SuSE9.0 comes with CONFIG_IP_NF_NAT_LOCAL=n, so you probably need to build your own kernel. hth Matthias --On Tuesday, January 27, 2004 11:14:40 +0100 BLeonhardt@analytek.de wrote:
I'll correct my statement : it shouldn't work - MASQUERADE is only valid for POSTORUTING :-( ... but how do I do that instead ?
didn't find anything useful yet - even not at netfilter.org in the nat howtos...
I need to masq locally generated outgoing packets for dynamic ip ...
-bruno