Answer the question
In order to leave comments, you need to log in
A
A
Alexander Karabanov2015-08-26 18:21:07
Alexander Karabanov, 2015-08-26 18:21:07
How to adapt a rule from the MikroTik firewall to the Linux iptables syntax?
There are such rules:
/ip firewall nat
add place-before=0 chain=srcnat src-address=192.168.0.0/24 dst-address=172.16.0.0/24How to adapt it to Linux iptables?
And a related question: is there a way to get into a Linux shell ( sh or bash , whatever) on MikroTik-e? If there is such an opportunity, then just enter iptables -S and everything will become clear.
3 answer(s)
@karabanov
but it is preferable to SNAT a
strange idea to masquerade between gray networks
, especially if tunnels are built
@martin74ua
@azazelpw
V
Vladimir, 2015-08-27 @karabanov
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -d 172.16.0.0/24 -j MASQUERADEbut it is preferable to SNAT a
strange idea to masquerade between gray networks
, especially if tunnels are built
R
Ruslan Fedoseev, 2015-08-26 @martin74ua
well, write down
iptables -t nat -A -s 192.168.0.0/24 -d 172.16.0.0/24 -j SNAT
only you have some unfinished rule - action is missing. So I can't tell which address SNAT is running from
A
Azazel PW, 2015-08-27 @azazelpw
Alexander Karabanov : iptables writes to you correctly.
iptables v1.4.21: SNAT: option "--to-source" must be specified
Because
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -d 172.16.0.0/24 -j SNAT --to -source %ip address of the interface through which the connection goes up to 172.16.0.0/24%
Similar questions
I
A
A
P
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question