search

Chion82 / netfilter-full-cone-nat

A kernel module to turn MASQUERADE into full cone SNAT
GNU General Public License v2.0
427 stars 121 forks source link

How to permit a specify host with IP address to use Full Cone NAT? #21

Open angusding opened 5 years ago

angusding commented 5 years ago

For example, LAN IP segment: 192.168.0.0/24 Only permit the host 192.168.0.11 to use Full Cone NAT and the others use MASQUERADE.

Chion82 commented 5 years ago

-s 192.168.0.11 -j FULLCONENAT and ! -s 192.168.0.11 -j MASQUERADE ?

angusding commented 5 years ago

Only use that in POSTROUTING chain? Don't need in PREROUTING chain?