You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
36 lines
1.3 KiB
36 lines
1.3 KiB
This target is only valid in the
|
|
.B nat
|
|
table, in the
|
|
.B POSTROUTING
|
|
chain. It should only be used with dynamically assigned IP (dialup)
|
|
connections: if you have a static IP address, you should use the SNAT
|
|
target. Masquerading is equivalent to specifying a mapping to the IP
|
|
address of the interface the packet is going out, but also has the
|
|
effect that connections are
|
|
.I forgotten
|
|
when the interface goes down. This is the correct behavior when the
|
|
next dialup is unlikely to have the same interface address (and hence
|
|
any established connections are lost anyway).
|
|
.TP
|
|
\fB\-\-to\-ports\fP \fIport\fP[\fB\-\fP\fIport\fP]
|
|
This specifies a range of source ports to use, overriding the default
|
|
.B SNAT
|
|
source port-selection heuristics (see above). This is only valid
|
|
if the rule also specifies one of the following protocols:
|
|
\fBtcp\fP, \fBudp\fP, \fBdccp\fP or \fBsctp\fP.
|
|
.TP
|
|
\fB\-\-random\fP
|
|
Randomize source port mapping
|
|
If option
|
|
\fB\-\-random\fP
|
|
is used then port mapping will be randomized (kernel >= 2.6.21).
|
|
Since kernel 5.0, \fB\-\-random\fP is identical to \fB\-\-random-fully\fP.
|
|
.TP
|
|
\fB\-\-random-fully\fP
|
|
Full randomize source port mapping
|
|
If option
|
|
\fB\-\-random-fully\fP
|
|
is used then port mapping will be fully randomized (kernel >= 3.13).
|
|
.TP
|
|
IPv6 support available since Linux kernels >= 3.7.
|