MASQUERADE and SNAT

[Robert Nichols]

Claude Jones wrote:
>      My SNAT rule
> did have the --to-source entry, but I guess I need to take a look
> at that syntax again. Thanks. 

If you use SNAT, it's your responsibility to make sure the
address you give for "--to-source" actually _is_ an external IP
address that routes back to you.  If you get the address wrong,
the rule will install just fine, but nobody will be able to reply
to any of your NAT-ed packets.

-- 
Bob Nichols         rnichols42 at comcast.net