How to configure iptables MASQUERADE rule for set of secondary IP address?
Issue
- I have RHEL with
iptablesas a firewall. I have set of 3 public IP address for WAN.
eth0 1.1.1.1 # 1st IP address
eth0:0 1.1.1.2 # 2nd IP address
eth0:1 1.1.1.3 # 3rd IP address
eth1 2.2.2.2 # LAN segment
- I added MASQUERADE rule to allow Internet access from my LAN as below:
iptables -t nat -A POSTROUTING -s 2.2.2.2 -o eth0 -j MASQUERADE
- Now outgoing connections from my LAN to WAN will be masquerading with 1.1.1.1 public IP. How can I change masquerading ip "1.1.1.1" for any other as e.g 1.1.1.2 or 1.1.1.3 ?
- How to configure iptables MASQUERADE rule for set of secondary IP address?
- What is the advantage of using
iptablesMASQUERADE target over SNAT target?
Environment
- Red Hat Enterprise Linux
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
