File: libipt_SAME.man

package info (click to toggle)
iptables 1.4.21-2
  • links: PTS
  • area: main
  • in suites: jessie, jessie-kfreebsd
  • size: 4,508 kB
  • ctags: 5,169
  • sloc: ansic: 33,734; sh: 11,790; makefile: 146
file content (17 lines) | stat: -rw-r--r-- 618 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
 
Similar to SNAT/DNAT depending on chain: it takes a range of addresses
(`\-\-to 1.2.3.4\-1.2.3.7') and gives a client the same
source-/destination-address for each connection.
.PP
N.B.: The DNAT target's \fB\-\-persistent\fP option replaced the SAME target.
.TP
\fB\-\-to\fP \fIipaddr\fP[\fB\-\fP\fIipaddr\fP]
Addresses to map source to. May be specified more than once for
multiple ranges.
.TP
\fB\-\-nodst\fP
Don't use the destination-ip in the calculations when selecting the
new source-ip
.TP
\fB\-\-random\fP
Port mapping will be forcibly randomized to avoid attacks based on 
port prediction (kernel >= 2.6.21).