[CentOS] iptables questions on CentOS
Indunil Jayasooriya
indunil75 at gmail.com
Fri Dec 5 08:20:31 UTC 2008
>> iptables -t nat -A POSTROUTING -o eth0 -s 192.168.101.230 -j SNAT
>> --to-source 1.2.3.4 -d www.centos.org
>>
>> Any idea to achieve it?
>
> The destination should be before the SNAT ... so try this:
>
> iptables -t nat -A POSTROUTING -o eth0 -s 192.168.101.230 -d
> www.centos.org -j SNAT --to-source 1.2.3.4
I did it once in the above way before posting this. It did NOT work.
Anyway,
has it worked for you?
>>
>> iptables -t nat -A PREROUTING -p tcp -m multiport -s ! 192.168.1.9
>> --destination-port 80,465,995 -j DNAT --to-destination :3128
>>
>> I want to exclude about 4 or 5 ips.
>>
>> let's say 192.168.1.11, 192.168.1.19, 192.168.1.20,192.168.1.25
>>
>> Is there a way to do it?
>
> Not that I can think of. If these IP addresses were in a contiguous
> block, it might be able to be summarized by one or two subnet statements
> instead of individual rules for each.
I will try. That means something like ! 192.168.1.9/29
--
Thank you
Indunil Jayasooriya
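
An added example, not part of the original message: it checks which of the listed addresses a candidate prefix covers, collapses a host list into CIDR blocks, and generates a rule set in which exempted sources hit RETURN in a dedicated chain before the DNAT rule. The chain name PROXY_REDIR is hypothetical, and the multiport match is written with `--dports`; the addresses, ports and `:3128` target are the ones from the thread.

```python
import ipaddress

# Hosts to exempt from redirection, as listed in the thread.
EXCLUDED = ["192.168.1.11", "192.168.1.19", "192.168.1.20", "192.168.1.25"]


def covered_by(prefix, hosts):
    """Return the hosts inside prefix; host bits in the prefix are masked off."""
    net = ipaddress.ip_network(prefix, strict=False)
    return [h for h in hosts if ipaddress.ip_address(h) in net]


def summarize(hosts):
    """Collapse hosts into the fewest CIDR blocks that cover exactly them."""
    nets = [ipaddress.ip_network(h) for h in hosts]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


def build_rules(hosts, chain="PROXY_REDIR", ports="80,465,995", to=":3128"):
    """Emit iptables commands; chain is a hypothetical name for this example.

    Exempted sources RETURN to PREROUTING untouched; everything else that
    reaches the end of the chain is rewritten by the DNAT rule.
    """
    rules = [f"iptables -t nat -N {chain}"]
    for block in summarize(hosts):
        rules.append(f"iptables -t nat -A {chain} -s {block} -j RETURN")
    rules.append(
        f"iptables -t nat -A {chain} -p tcp -j DNAT --to-destination {to}")
    rules.append(
        f"iptables -t nat -A PREROUTING -p tcp -m multiport "
        f"--dports {ports} -j {chain}")
    return rules


if __name__ == "__main__":
    # A /29 written with host bits set still means the enclosing block.
    print("192.168.1.9/29 covers:", covered_by("192.168.1.9/29", EXCLUDED))
    print("minimal blocks:", summarize(EXCLUDED))
    print("\n".join(build_rules(EXCLUDED)))
```

Review the printed commands before applying them; the script only generates text and does not touch the running ruleset.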