On 28 October 2011 12:20, Mezei Zoltan <[email protected]<mailto:[email protected]>> wrote: On Fri, Oct 28, 2011 at 12:44, John Haxby <[email protected]<mailto:[email protected]>> wrote: > iptables -t nat -A POSTROUTING -p udp -m udp --sport <host-ip> -p 371 \ > -j SNAT --to-source <license-ip>:371
You should use the OUTPUT chain in the nat table for this purpose, otherwise, correct. Even when I corrected the "--sport <host-ip> -p 371" to "-s <host-ip> --sport 371" it failed. # iptables -t nat -A OUTPUT -p udp -m udp -s 192.168.1.1 --sport 371 -j SNAT --to-source 192.168.1.2:371<http://192.168.1.2:371> iptables: Invalid argument. Run `dmesg' for more information. # dmesg | tail -1 ip_tables: SNAT target: used from hooks OUTPUT, but only usable from POSTROUTING ________________________________ I found my solution: a simple "iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to <license-ip>" is doing exactly what I want!! Thanks a lot for all your help! Christian
_______________________________________________ rhelv6-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/rhelv6-list
