On 08/04/2014 03:45 AM, Hans Witvliet wrote:
Hi all,
does anyone knows how to get around a build-in limitation of iptables?
What i want to do is something like: iptables -t nat -A POSTROUTING -p tcp -port 873 -j SNAT -o br1 --to-source 1.1.1.82
iptables -t nat -A POSTROUTING -p tcp -port 80 -j SNAT -o br1 --to-source 1.1.1.83
iptables -t nat -A POSTROUTING -p tcp -port 25 -j SNAT -o br1 --to-source 1.1.1.84 etc etc ......
So basically i want SOME traffic being SNAT-ed, but not all !!
specifically: my six ipv6-tunnels towards H.E. don't like to be natted, the all have their own specific IPv4-addres.
Hans
As I understand it, he.net connections have to be terminated on your firewall/router and not passed onto another computer. I use gogo6 and it does support NAT, though by using UDP instead of 6in4 tunnelling. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org