[Firehol-support] Re: exclude from SNAT

Carlos Rodrigues carlos.efr at mail.telepac.pt
Thu Nov 3 21:48:23 GMT 2005

Gergely Imre wrote:
> i have a question about defining some SNAT rules. i want to exclude some 
> packets from being SNAT'ed.
> i want it like this:
> iptables -t nat -A POSTROUTING -d some_real_ip -o eth0 -j ACCEPT
> iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source real_ip
> so anything sent to some_real_ip i want not to be SNAT-et. is there any 
> config in firehol to do this ? or any other workaround?

Maybe this does the trick?

snat to real_ip outface eth0 dst not some_real_ip

Carlos Rodrigues

More information about the Firehol-support mailing list