Opened 4 years ago
Last modified 4 years ago
#119 new enhancement
Add a field to determine SNAT address
| Reported by: | iarlyy | Owned by: | victor |
|---|---|---|---|
| Priority: | major | Milestone: | 0.8 |
| Component: | vuurmuur-conf | Version: | 0.8beta2 |
| Keywords: | Cc: |
Description
When setting up a SNAT rule a field to determine the SNAT address should be showed, in many cases the firewall can have virtual interfaces, and the admin need to mask some internal machine with some external address.
Thanks in advance.
Change History (2)
comment:1 Changed 4 years ago by victor
comment:2 Changed 4 years ago by iarlyy
Assuming I have a simple firewall with two network interfaces eth0-LAN and eth1-WAN.
On my eth0 I have my users stations, by default all traffic are getting out with ip of eth1 ( POSTROUTING NAT ).
But I have a machine that I need this one your traffic go to internet as an ip of a eth1 virtual interface
e.g
eth0 - 192.168.100.1 ( network 192.168.100.0/24 )
eth1 - 200.201.202.203
eth1:1 200.201.202.204
I need this one get out to the internet as 200.201.202.204 rather than ip configured at physical interface. I suggested the field but currently we have "Outgoing interface" on creating SNAT rule, other way should be: When I creating a SNAT rule, there could appears the Virtual Interfaces, that would use eth1 ( because eth1:1 is over eth1 ) as outgoing interface and --to-source the virtual address from the virtual interface selected
Please describe a detailed use case to us. I'm not convinced yet we need a field like this.