Is your feature request related to a problem? Please describe.
When using IPMasquerade, currently a source prefix is added to the rule, preventing it from being useful when other subnets are used, which is often the case when routing from other interfaces.
Describe the solution you'd like
Perhaps in addition to yes/no, other keywords for controlling this behavior. The default in my opinion should be to not specify a source address prefix at all, especially considering the current code assumes a single subnet. (No iteration for other addresses/prefixes).
Any news on this issue or on #8040 ?
On my opinion, this a bug. Masquerading makes only sense if you specify the outgoing interface -- as a router does. Have a look at OpenWRT.
8040
Is your feature request related to a problem? Please describe. When using IPMasquerade, currently a source prefix is added to the rule, preventing it from being useful when other subnets are used, which is often the case when routing from other interfaces.
Describe the solution you'd like Perhaps in addition to yes/no, other keywords for controlling this behavior. The default in my opinion should be to not specify a source address prefix at all, especially considering the current code assumes a single subnet. (No iteration for other addresses/prefixes).
Describe alternatives you've considered I see 4 distinct desired behaviors: no - obvious yes - iptables -t nat -o oif -j MAQUERADE internal - iptables -t nat -o oif -s 192.168.0.0/24 -j MASQUERADE external - iptables -t nat -o oif ! -s 192.168.0.0/24 -j MASQUERADE