Good people,
I have a network with the following setup:
eth0 10.216.11.41: internet facing
eth1 192.168.0.4: internal network interacting with other machines within the internal network.
I'd like to use this machine as a gateway with the following requirements.
- All traffic from the internal network going out to yahoo.com be SNATted with a --to 10.216.11.40 through eth0
- Everything else to be MASQUERADEd out via eth0, whose IP is 10.216.11.41
I had hoped to achieve this via
#everything to yahoo be snatted
iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to 10.216.11.40 --destination yahoo.com
#everything else be masqueraded
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
But alas the SNATting rule doesn't take a destination.
How can I achieve the above requirements?
Thanks for the prompt response. Kindly provide a sample command to achieve what you have written – artfullyContrived – 2013-08-10T13:46:35.483
Try that out. Please note that Netfilter doesn't resolve IP addresses (above you're going to get whatever yahoo.com resolves to when the rules are applied), so if yahoo.com changes their IP address (or uses multiple in a CDN setup) you'll need to refresh the rules for it to work. – LawrenceC – 2013-08-10T14:18:58.750
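
An added example, not part of the original thread: one way to handle the refresh the last comment calls for is to keep the per-address SNAT rules in a dedicated chain that is flushed and refilled on each lookup, with the MASQUERADE rule after it. The chain name `YAHOO_SNAT`, the helper names and the sample addresses are assumptions made for this example; the script only prints the iptables commands.

```shell
#!/bin/sh
# Added example: emit (not execute) NAT rules for the gateway in the question.
SNAT_IP=10.216.11.40   # source address requested in the question
OUT_IF=eth0            # internet-facing interface from the question
CHAIN=YAHOO_SNAT       # hypothetical chain name, refilled on every refresh

# Keep only well-formed, de-duplicated IPv4 addresses read from stdin.
# Hostnames, IPv6 addresses and out-of-range octets are dropped.
valid_ipv4() {
    grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}$' | awk -F. '
        $1<=255 && $2<=255 && $3<=255 && $4<=255 && !seen[$0]++'
}

# Read resolved addresses on stdin, print the iptables commands on stdout.
gen_rules() {
    addrs=$(valid_ipv4)
    # A failed or empty lookup must not wipe the rules that currently work.
    [ -n "$addrs" ] || { echo "no usable addresses, rules unchanged" >&2; return 1; }
    # Create the chain on first run, flush it on later runs.
    echo "iptables -t nat -N $CHAIN 2>/dev/null || iptables -t nat -F $CHAIN"
    for ip in $addrs; do
        # The destination is matched with -d; SNAT itself only sets the source.
        echo "iptables -t nat -A $CHAIN -d $ip -j SNAT --to-source $SNAT_IP"
    done
    # Inserted at position 1 so the jump is evaluated before any MASQUERADE rule.
    echo "iptables -t nat -C POSTROUTING -o $OUT_IF -j $CHAIN 2>/dev/null || iptables -t nat -I POSTROUTING 1 -o $OUT_IF -j $CHAIN"
    # Packets that match nothing in the chain return here and are masqueraded.
    echo "iptables -t nat -C POSTROUTING -o $OUT_IF -j MASQUERADE 2>/dev/null || iptables -t nat -A POSTROUTING -o $OUT_IF -j MASQUERADE"
}

# Constructed sample input (documentation address ranges, not real lookups).
# On a glibc system the live list could come from:
#   getent ahostsv4 yahoo.com | awk '{print $1}'
SAMPLE='203.0.113.10
198.51.100.7
203.0.113.10
2001:db8::1
999.1.1.1'
printf '%s\n' "$SAMPLE" | gen_rules
```

Between the flush and the refill there is a short window in which traffic to the old addresses falls through to MASQUERADE, so run the refresh only when the resolved set has actually changed.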