NAT: 1-1 mapping from 192.168.x.x to 10.168.x.x ?

Discussion in 'Linux Networking' started by Stefano Masini, Aug 31, 2004.

  1. Hi,

    I have a machine on a 192.168.x.x network that I would like to
    configure in such a way that it believes to be in 10.168.x.x.

    In other words, if a packet comes in from, say, 192.168.3.4, I would
    like it to be mangled as it was coming from 10.168.3.4.

    In the same way, I would like outgoing packets for 10.168.x.x to be
    mapped to 192.168.x.x.

    I read the iptables manual and found out abount DNAT and SNAT, but it
    seems what they do at most is mangle addresses into a pool of
    addresses, is a round robin fashion. I don't need round robin. I need
    a 1-1 mapping.

    Anybody knows if this is doable ?

    Thanks!
    stefano
     
    Stefano Masini, Aug 31, 2004
    #1
    1. Advertisements

  2. Specify a netmask on the --to address. The example in the netfilter HOWTO:

    # iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o eth1 \
    -j SNAT --to 1.2.3.0/24

    The example does SNAT based on outgoing source address, whereas you
    probably want to do SNAT based on incoming source address and DNAT based
    on incoming destination address (separate rules) in PREROUTING for
    different interfaces.
     
    Allen Kistler, Sep 1, 2004
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.