Baishampayan Ghose wrote:
T,
i have installed opensuse 10 on the gateway of a medium-sized network. i want the gateway to be able to do packet forwarding and ip masquerading for only some hosts of the internal network (172.16.0.0/16). in other words, i want to share the internet connection with only those clients that i select. using acl-s in squid in not the answer, because i want to control *all* traffic, not only http or ftp. can this be done using free/opensource software?
Netfilter does everything you will ever need. $ iptables -t nat -A POSTROUTING -s 172.16.0.0/16 -j SNAT --to GateWayIP $ iptables -t nat -A POSTROUTING -j DROP That should do it fine ... Regards, BG
thanks for your answer. but it doesn't really solve my problem. perhaps i didn't make myself clear enough in the original post. i can *already* do NAT for the whole of my internal network. the problem is, how do i selectively *not* do NAT for some of the clients? or, in other words, how do i do it for only *some* of them, not all?
thanks. - t. -- cogito, ergo es. -- To unsubscribe, send mail to [EMAIL PROTECTED] with the body "unsubscribe ilug-cal" and an empty subject line. FAQ: http://www.ilug-cal.org/node.php?id=3
