-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 T, >> $ iptables -t nat -A POSTROUTING -s 172.16.0.0/16 -j SNAT --to GateWayIP >> $ iptables -t nat -A POSTROUTING -j DROP > thanks for your answer. but it doesn't really solve my problem. perhaps > i didn't make myself clear enough in the original post. i can *already* > do NAT for the whole of my internal network. the problem is, how do i > selectively *not* do NAT for some of the clients? or, in other words, > how do i do it for only *some* of them, not all? Oh, I thought you wanted to NAT the IPs 172.16.0.0/16. What you just said can also be solved easily. Just do this then -- $ iptables -t nat -A POSTROUTING -s 172.16.0.1/2 -j SNAT --to GateWayIP $ iptables -t nat -A POSTROUTING -s 172.16.0.12/16 -j SNAT --to GateWayIP and leave the others alone (this is considering that you want to NAT only 172.16.0.1-2 & 172.16.0.12-16 and not NAT the rest). If you want you can enter each IP by hand if there is no range which you can use. Hope this helps ... Regards, BG
- -- Baishampayan Ghose b.ghose at gmail.com 1024D/86361B74 BB2C E244 15AD 05C5 523A 90E7 4249 3494 8636 1B74 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux) iD8DBQFEK9yVQkk0lIY2G3QRAgidAKCJzkOoEdxeKDnC6iMVY2URQGbbPQCfUcAx q3nM6G2Qpy0YhoZ0D67vPiQ= =+dyz -----END PGP SIGNATURE----- -- To unsubscribe, send mail to [EMAIL PROTECTED] with the body "unsubscribe ilug-cal" and an empty subject line. FAQ: http://www.ilug-cal.org/node.php?id=3
