[Ferm] Any way to SNAT in IPv6 ?
Christophe
tech at stuxnet.org
Wed Mar 12 20:19:39 CET 2014
Hi,
As far as i seen recently, there is no such reference to this feature in
ip6tables man. But I found a link that can /probably/ help you :
http://mirrors.bieringer.de/Linux+IPv6-HOWTO/nat-netfilter6..html
As a workaround, I used a "post hook" to handle this case. (efficient
but not really clever :) ).
Do you think you can integrate such a feature in ferm ?
(I can help for testing if needed) .
Regards,
Christophe.
Le 16/12/2013 23:37, Christophe a écrit :
> Hi Max,
>
> Le 16/12/2013 20:19, Max Kellermann a écrit :
>> On 2013/12/08 19:54, Christophe <tech at stuxnet.org> wrote:
>>> Problem seems that syntax differs from iptables, that uses
>>> '--to-source', while ip6tables uses '--to'.
>>
>> *sigh* yet another special case for ferm...
>
> Yep, sorry :(
>
>>
>>> Is there anyway to get this work with ferm syntax ?
>>
>> Where's the documentation for this option? The ip6tables manpage
>> v1.4.14 does not even mention NAT.
>>
>
> In this singular case :
>
> Kernel version is : 3.10.22 (compiled from source, with IPv6 NAT and
> NPTv6 support)
> iptables version is : 1.4.14 (from Debian wheezy stable package)
>
> I'm unable at this time, to find any documentation about using SNAT
> target in ip6tables :( . But really works with syntax mentionned before,
> as MASQUERADE also does.
>
> For instance :
>
> ip6tables -t nat -A POSTROUTING -o <iface> -j SNAT --to <ip6 address>
> ip6tables -t nat -A POSTROUTING -o <iface> -j MASQUERADE
>
> I will try to get further informations about this, if it can help you to
> handle this case in ferm ;) .
>
> Regards.
> Christophe.
> _______________________________________________
> Ferm mailing list
> Ferm at foo-projects.org
> http://foo-projects.org/mailman/listinfo/ferm
>
More information about the Ferm
mailing list