Indunil Jayasooriya indunil75 at gmail.com
Thu Dec 4 09:21:15 UTC 2008


I know these are a few iptables questions, NOT CentOS. Anyway, I am
running a firewall on CentOS 5.x.

If you can respond, it would be fine.

I want to add a SNAT rule for one user in LAN to access one particular
destination on the internet.

Let's say www.centos.org

I added the below rule, but it does NOT work.
Pls assume is the real ip of the firewall.
ip address is the client PC

iptables -t nat -A POSTROUTING -o eth0 -s -j SNAT --to-source -d www.centos.org

Any idea to achieve it?

And also,

the below rule excludes 1 IP. It works fine.

iptables -t nat -A PREROUTING -p tcp -m multiport -s ! --destination-port 80,465,995 -j DNAT --to-destination :3128

I want to exclude about 4 or 5 IPs.

Let's say,,,

Is there a way to do it?

Hope to hear from you.

Thank you
Indunil Jayasooriya
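
Added example, not part of the original post: one common way to exempt several source addresses from a redirect like the one above is a user-defined nat chain whose first rules RETURN for each exempt client, ahead of the DNAT rule. The chain name PROXY_REDIRECT and all 192.168.1.x addresses are constructed assumptions; the script validates its inputs and only prints the commands.

```shell
#!/bin/sh
# Added example (not from the post). Prints iptables commands; runs nothing.
CHAIN=PROXY_REDIRECT   # hypothetical chain name

# is_ipv4 ADDR: succeed only for a dotted quad with octets 0-255.
is_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# gen_proxy_rules PROXY_IP:PORT EXEMPT_IP...
gen_proxy_rules() {
    proxy=$1; shift
    # Validate everything first so no partial rule set is ever printed.
    is_ipv4 "${proxy%:*}" || { echo "bad proxy: $proxy" >&2; return 1; }
    case "${proxy##*:}" in ''|*[!0-9]*) echo "bad port" >&2; return 1 ;; esac
    for ip in "$@"; do
        is_ipv4 "$ip" || { echo "bad address: $ip" >&2; return 1; }
    done
    echo "iptables -t nat -N $CHAIN"
    # Exempt sources leave the chain before the DNAT rule is reached.
    for ip in "$@"; do
        echo "iptables -t nat -A $CHAIN -s $ip -j RETURN"
    done
    echo "iptables -t nat -A $CHAIN -p tcp -j DNAT --to-destination $proxy"
    # A single jump from PREROUTING takes the place of the '-s ! <ip>' match.
    echo "iptables -t nat -A PREROUTING -p tcp -m multiport" \
         "--destination-port 80,465,995 -j $CHAIN"
}

# Constructed sample: proxy at 192.168.1.1:3128, four exempt clients.
gen_proxy_rules 192.168.1.1:3128 \
    192.168.1.10 192.168.1.11 192.168.1.12 192.168.1.13
```

Rule order inside the chain is what makes the exemption work: a packet from an exempt source hits its RETURN rule and goes back to PREROUTING before the DNAT rule is evaluated.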

