LARTC - Aug 2003 - masqurading and source based routing

i have private network let it be 192.168.0.0/24
and and two external networks,
let it be 10.1.1.0/24 and 10.2.2.0/24
ip addresses of my linux box is
192.168.0.1
10.1.1.1
10.2.2.1

i want to masquarade all private network addresses through 10.1.1.1
but also if destination is not at 10.1.1.0/24 want to route masquaraded
packets through gateway 10.2.2.2

how to do that?

Agrui

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Hello Agri,

This doesn''t seem to difficult--are you telling us the whole story?  :)

 : i have private network let it be 192.168.0.0/24
 : and and two external networks,
 : let it be 10.1.1.0/24 and 10.2.2.0/24
 : ip addresses of my linux box is
 : 192.168.0.1
 : 10.1.1.1
 : 10.2.2.1
 :
 : i want to masquarade all private network addresses through 10.1.1.1 but
 : also if destination is not at 10.1.1.0/24 want to route masquaraded
 : packets through gateway 10.2.2.2

routing + masquerading:

  ip route change default via 10.2.2.2 src 10.1.1.1
  iptables -t nat -A POSTROUTING \
    -s 192.168.0.0/24 ! -d 10.1.1.0/24 -j MASQUERADE

or, better, just use SNAT --to-source:

  iptables -t nat -A POSTROUTING \
    -s 192.168.0.0/24 ! -d 10.1.1.0/24 -j SNAT --to-source 10.1.1.1

Let us know if this doesn''t do it.

-Martin

-- 
Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/