I have a customer with 200+ employees that I have put behind an iptables/netfilter firewall.
This customer has 128 real addresses and I waned to NAT to 20 of them. I set up ipaliases... and all works fine with the command: iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to 66.2.9.1-66.2.9.21 HOWEVER, I have a few SSL HTTP apps that are screaming that my users' addresses keep changing... and then refuses my users further service. How do I make the NAT STATEFUL for any given connection ESTABLISHED or RELATED? Richard
