specify source port on NAT

specify source port on NAT

[Snow Wolf]

hello members,

My client has a strange requirement.When I made a nat firewall with
iptables for him,he need the forwarded package's source port was not
changed,or changed to a specified port which he can control.

For example,

192.168.1.1  --->   iptables(nat)  ---> www.aol.com
(sport: 1234)          (sport: 1234)       (dport:80)

He need that when a package was left from iptables,the source port was
still 1234.
(or something like 1235 is also ok,but he need to control it,it means
he can descide which port is the source port from iptables.)

How to do it?thanks.

Re: specify source port on NAT

[Jorge Davila]

 From http://iptables-tutorial.frozentux.net/

An example:

iptables -t nat -A POSTROUTING -p tcp -o eth0 -j SNAT --to-source 
194.236.50.155-194.236.50.160:1024-32000

Best regards,

Jorge Dávila.

Snow Wolf wrote:
> hello members,
> 
> My client has a strange requirement.When I made a nat firewall with
> iptables for him,he need the forwarded package's source port was not
> changed,or changed to a specified port which he can control.
> 
> For example,
> 
> 192.168.1.1  --->   iptables(nat)  ---> www.aol.com
> (sport: 1234)          (sport: 1234)       (dport:80)
> 
> He need that when a package was left from iptables,the source port was
> still 1234.
> (or something like 1235 is also ok,but he need to control it,it means
> he can descide which port is the source port from iptables.)
> 
> How to do it?thanks.
> 
> 


-- 
Jorge Isaac Davila Lopez
Nicaragua Open Source
+505 430 5462
davila@nicaraguaopensource.com