On Sun, 24 Nov 2002 [EMAIL PROTECTED] wrote: > Mike Burger wrote: > > > On Sun, 24 Nov 2002 [EMAIL PROTECTED] wrote: > > > > > Mike Burger wrote: > > > > > > > I'm not suggesting using a full /12 block. I was just noting that that > > > > range, like the 192.168 range, is listed as "private space"...you're fine > > > > with what you have...and the /24 that you'reusing. > > > > > > Hello > > > > > > So, do you means I can setup the NAT like this ? > > > iptables -t nat -A POSTROUTING -o eth0 -s 192.168.0.0/24 -j MASQUERADE > > > > > > Thank for your help ! > > > > The short answer to the question above is yes. > > > > Note...if you just want to masquerade (as your line will do...not really > > NAT), you don't even need the "-s 192.168.0.0/24" listed in the line. > > > > iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE > > > > Will work just as well. > > If remove "-s 192.168.0.0/24", then the iptables how to range ip address for the > clients connect to Internet ?
Are you trying to restrict who can and can't access the net? If you're allowing everyone on your internal network to access the internet, you don't have to specify a range. If you're only allowing a select group to access the net, then you could do what you have. -- Mike Burger http://www.bubbanfriends.org Visit the Dog Pound II BBS telnet://dogpound2.citadel.org or http://dogpound2.citadel.org:2000 -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list