[ale] Iptables packet mangling
Bob Kruger
krugerb at benning.army.mil
Fri Jun 29 18:13:19 EDT 2001

I am looking for a good example to do some outgoing packet mangling for
a small class C subnet that is routed through a Linux box prior to being
sent to the Internet. Previously with ipchains I did this via
masquerading. The "man iptables" recommends using SNAT if the outgoing
IP address is stable (which, in my case, it is).

Example:

Six systems, on class C Subnet, 192.168.1.0/24
Linux bridge/route, eth0 on 192.168.1.1
Same Linux bridge, eth1 on 172.16.81.10.

Traffic for the small subnet will go out through eth1 on the Linux box.
I would like all outgoing packets to have a source address of
172.16.81.10 (e.g., a little masquerading) after leaving the Linux box.

Packet forwarding is working fine, as is everything else. I just am not
coming up with a good solution on packet mangling. Anyone have a good
solution they are willing to share? IPTables seems robust and fast,
albeit good documentation and examples are a little sparse at the
present.

Thanks in advance for any assistance.

Regards - Bob Kruger
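
Added example, not part of the original post: a script that prints an iptables-restore ruleset doing SNAT for the topology described above (192.168.1.0/24 behind eth0, leaving eth1 as 172.16.81.10). The FORWARD policy, the use of the conntrack match from current iptables, and the script name snat.sh are assumptions that do not come from the post.

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset; it applies nothing itself.
LAN_NET="192.168.1.0/24"   # from the post: the internal subnet
LAN_IF="eth0"              # from the post: interface on 192.168.1.1
WAN_IF="eth1"              # from the post: outbound interface
WAN_IP="172.16.81.10"      # from the post: fixed address on eth1

# is_ipv4 ADDR: succeed only for a dotted quad with every octet in 0..255.
is_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# snat_ruleset: write the ruleset to stdout, or fail if WAN_IP is malformed.
snat_ruleset() {
    is_ipv4 "$WAN_IP" || { echo "bad SNAT address: $WAN_IP" >&2; return 1; }
    cat <<EOF
*nat
:POSTROUTING ACCEPT [0:0]
# Rewrite the source of LAN traffic leaving eth1 to the fixed address.
-A POSTROUTING -s $LAN_NET -o $WAN_IF -j SNAT --to-source $WAN_IP
COMMIT
*filter
# Assumption (not in the post): the box forwards only this LAN's traffic,
# so FORWARD defaults to DROP. SNAT rewrites addresses; it does not filter.
:FORWARD DROP [0:0]
-A FORWARD -i $LAN_IF -o $WAN_IF -s $LAN_NET -j ACCEPT
-A FORWARD -i $WAN_IF -o $LAN_IF -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# Print the rules for review. To load them (as root, replacing the current
# nat and filter tables): sh snat.sh | iptables-restore
snat_ruleset
```

Replies to forwarded connections are translated back automatically by connection tracking, so no matching DNAT rule is needed for return traffic.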