Your private LAN does not determine whether you use SNAT or MASQ - since your public IP is static, use SNAT. Make sure you enable ip_forward.
Darrell On Tue, Feb 26, 2002 at 01:13:24PM -0500, Bara Zani wrote: > Hi All , > I have a box with two interfaces > 1.public ip ( static ) > 2.private lan ( 192.68.1.x ) > > i read the faq on iptables.org and it says : > There is a specialized case of Source NAT called masquerading: it should > only be used for dynamically-assigned IP addresses, such as standard dialups > (for static IP addresses, use SNAT above). > so i say ok , forget masq use snat > but it will not work > iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o eth2 -j SNAT --to > my.public.ip > am i misunderstanding ? > if i have a private lan must i use masq no matter what ? > thanks > barazani
