blob: 4cc03970ca17b84559f9ba7c4c850e4958c8ac6b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
This target is only valid in the
.B nat
table, in the
.B POSTROUTING
chain. It specifies that the source address of the packet should be
modified (and all future packets in this connection will also be
mangled), and rules should cease being examined. It takes one type
of option:
.TP
.BR "--to-source " "\fIipaddr\fP[-\fIipaddr\fP][:\fIport\fP-\fIport\fP]"
which can specify a single new source IP address, an inclusive range
of IP addresses, and optionally, a port range (which is only valid if
the rule also specifies
.B "-p tcp"
or
.BR "-p udp" ).
If no port range is specified, then source ports below 512 will be
mapped to other ports below 512: those between 512 and 1023 inclusive
will be mapped to ports below 1024, and other ports will be mapped to
1024 or above. Where possible, no port alteration will occur.
.RS
.PP
You can add several --to-source options. If you specify more
than one source address, either via an address range or multiple
--to-source options, a simple round-robin (one after another in
cycle) takes place between these adresses.
|