On Sunday 07 April 2002 4:15 pm, Julien Flaquieres wrote: > hi everybody > > I have a simple problem( I guess...). I use iptables to share and control > my internet connexion. I would like to masquerade only my smtp and pop3 > connexions (110 and 25). I'm not sure of the syntax.
iptables -t nat -A POSTROUTING -p tcp --dport 110 -o ppp0 -j MASQUERADE and similarly for --dport 25 However, are you *sure* this is what you want to do ? I would have it more likely you would want to have a FORWARDing rule which allows packets to --dport 25 and --dport 110, and then the POSTROUTING rule is used to MASQUERADE everything allowed out of the machine (which, if the FORWARD chain has a default policy of DROP, will only be POP3 and SMTP packets). It just seems an odd way to do it, to only MASQUERADE certain packets, without stopping any others from actually going out of the machine unMASQUERADEd...? Antony.
