Ray Leach wrote:
Hi
What would be the reverse of this rule?
Sven Michels wrote:
Ray Leach wrote:
Hi
Is it possible to reverse masq just one IP in a subnet?
I have a mail server on a private subnet and I want to reverse masq just the IP of the mail server.
Like that: iptables -A PREROUTING -t nat -p tcp --dport 25 -i $WORLD_DEV -j DNAT --to $MAILSERVERIP
iptables -A POSTROUTING -t nat -p tcp --sport 25 -o $DMZ_NET -j SNAT --to-source $WORLD_IP
you don't need a reverse rule. The server need to have the default gw set to the maschine where you used the iptables. it rewrites only the destination in the packet. source is the same. -- intraDAT AG http://www.intradat.com Wilhelm-Leuschner-Strasse 7 Tel: +49 69-25629-0 D - 60329 Frankfurt am Main Fax: +49 69-25629-256 Junk mail is war. RFCs do not apply.