Markus Feilner schrieb:

Hello List, I want to SNAT a host in my local net - i have been trying so by adding the following line to my susefirewall custom script

iptables -t nat -A POSTROUTING -s SOURCE_IP -d TARGET_IP -j SNAT --to-source NATTED_SOURCE_IP

I have configured DNAT the same, and that works fine, but outgoing packets are not natted. (My Firewall is also rejecting everything but allowed traffic) what's wrong? what am i missing? thanks a lot!

You may want to try this: iptables -t nat -I POSTROUTING -s SOURCE_IP -d TARGET_IP -j SNAT --to-source NATTED_SOURCE_IP to ensure no other rule in the queue before hits thoose packets! Take a look at ip route replace $srcip/32 dev $adev src $newsrc$ too The polarizer polarizers at its best http://www.glass-polariser.com