Hi there! I am trying to set up NAT using IPTABLES on a very simple configuration (for test-only purposes):
1. Machine with IP-addr = 192.168.0.200/24
2. Linux-Box with IP = 192.168.0.222/24
3. On the eth0 of the Linux-Box, an IP alias is used: #ifconfig eth0:1 192.168.0.225
4. NAT rules are:

    #
    iptables -t nat -F
    iptables -t nat -P PREROUTING ACCEPT
    iptables -t nat -P POSTROUTING DROP
    iptables -t nat -P OUTPUT ACCEPT
    iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to 192.168.0.225
    #

Now, as I understand, it should be impossible to "telnet" to the 192.168.0.222 address, as it can't pass through POSTROUTING without mangling the source IP. But it works as usual. Both IP addresses of the Linux-Box are telnet'able. It isn't correct, is it?

Thank you,
Anton Antropov

