From: Nguyen Dinh Nam <64vn@cardvn.net>
To: Jonas Berlin <xkr47@outerspace.dyndns.org>
Cc: netfilter-devel@lists.netfilter.org
Subject: Re: is this make sense: iptables -A PREROUTING -t nat -j SNAT --to 0.0.0.0
Date: Sat, 26 Mar 2005 22:02:50 +0700
Message-ID: <4245799A.6010206@cardvn.net>
In-Reply-To: <42454F80.4090603@outerspace.dyndns.org>

No, AFAIK, SAME is for internet connections which supply a whole subnet
of public IP addresses instead of just 1 IP address. But it's not what I
want. I want to make routing in a multihomed host easier; let me write
an example:

There is a host with 2 PPPoE connections: ppp1 (IP: 11.1.1.1) and ppp2
(IP: 22.2.2.2), so connection teaming is done like this:

    ip rule add prio 1 from 11.1.1.1 lookup 101
    ip route add table 101 to default dev ppp1
    ip rule add prio 2 from 22.2.2.2 lookup 102
    ip route add table 102 to default dev ppp2
    ip route add default nexthop dev ppp0 nexthop dev ppp1

The problem is that the routing system can depend on the source IP
address (11.1.1.1 or 22.2.2.2) to route the packet to the correct
interface, but packets from the LAN will have a LAN IP address when
reaching the routing system, thus those packets won't match either the
"prio 1" or the "prio 2" rule.

My idea to solve it is to do something to make netfilter masquerade
the source of packets (from LAN IP address to 11.1.1.1 or 22.2.2.2)
*before* reaching the routing system, so those packets can match the
"prio 1" or "prio 2" routing rules. If I know that it's possible, I'll
start a new career of hacking networking code, so maybe you will have
one more contributor.

Sincerely,
Nam

Jonas Berlin wrote:
> I'm no senior, but could the SAME target in patch-o-matic-ng maybe
> help you out?
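
The rule lookup described in the message above, as an added illustration that is not part of the original post: a small Python model of how the posted `ip rule` selectors are matched against a packet's source address at routing time. The LAN address 192.168.1.10 is constructed, and the kernel's built-in `main` rule at priority 32766 is added to the posted rules.

```python
import ipaddress

# Rules as posted in the message, plus the kernel's built-in "main" rule
# (priority 32766), which catches everything the "from" rules do not.
RULES = [
    (1, "11.1.1.1/32", "101"),
    (2, "22.2.2.2/32", "102"),
    (32766, "0.0.0.0/0", "main"),
]

# Default routes per table, exactly as posted (main is the multipath default).
TABLES = {
    "101": ["ppp1"],
    "102": ["ppp2"],
    "main": ["ppp0", "ppp1"],
}


def select_table(src):
    """Return (priority, table) of the first rule whose 'from' selector matches."""
    addr = ipaddress.ip_address(src)
    for prio, selector, table in sorted(RULES):
        if addr in ipaddress.ip_network(selector):
            return prio, table
    raise LookupError(f"no rule matches {src}")


def route(src):
    """Candidate output devices for a packet with this source address."""
    _, table = select_table(src)
    return TABLES[table]


def forwarded_trace(lan_src):
    """Order of events for a forwarded packet: the route is chosen while the
    packet still carries its LAN source; source NAT happens afterwards."""
    prio, table = select_table(lan_src)
    return [
        ("PREROUTING", f"src={lan_src}"),
        ("routing decision", f"rule prio {prio} -> table {table}"),
        ("POSTROUTING", "source NAT applied after the route is chosen"),
    ]


if __name__ == "__main__":
    # 192.168.1.10 is a constructed LAN client address (assumption).
    for src in ("11.1.1.1", "22.2.2.2", "192.168.1.10"):
        print(src, select_table(src), route(src))
    for stage in forwarded_trace("192.168.1.10"):
        print(stage)
```
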