[Ferm] Any way to SNAT in IPv6 ?
Christophe
tech at stuxnet.org
Mon Dec 16 23:37:35 CET 2013
Hi Max,
Le 16/12/2013 20:19, Max Kellermann a écrit :
> On 2013/12/08 19:54, Christophe <tech at stuxnet.org> wrote:
>> Problem seems that syntax differs from iptables, that uses
>> '--to-source', while ip6tables uses '--to'.
>
> *sigh* yet another special case for ferm...
Yep, sorry :(
>
>> Is there anyway to get this work with ferm syntax ?
>
> Where's the documentation for this option? The ip6tables manpage
> v1.4.14 does not even mention NAT.
>
In this singular case :
Kernel version is : 3.10.22 (compiled from source, with IPv6 NAT and
NPTv6 support)
iptables version is : 1.4.14 (from Debian wheezy stable package)
I'm unable at this time, to find any documentation about using SNAT
target in ip6tables :( . But really works with syntax mentionned before,
as MASQUERADE also does.
For instance :
ip6tables -t nat -A POSTROUTING -o <iface> -j SNAT --to <ip6 address>
ip6tables -t nat -A POSTROUTING -o <iface> -j MASQUERADE
I will try to get further informations about this, if it can help you to
handle this case in ferm ;) .
Regards.
Christophe.
More information about the Ferm
mailing list