Content #
Source NAT (SNAT) is used to share a single Internet connection among computers on a network. The computer attached to the Internet acts as a gateway and uses SNAT (along with connection tracking) to rewrite packets for connections between the Internet and the internal network. The source address of outbound packets is replaced with the static IP address of the gateway’s Internet connection. When outside computers respond, they will set the destination address to the IP address of the gateway’s Internet connection, and the gateway will intercept those packets, change their destination addresses to the correct inside computer, and forward them to the internal network.
You can set up SNAT on the eth1 interface by putting a simple rule on the POSTROUTING chain of the nat table:
iptables -t nat -A POSTROUTING -o eth1 -j SNAT
The corresponding command for masquerading is:
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE