Subject: [44net] Some hosts from net, rest masq'd? From: Steve L kb9mwr@gmail.com Date: 07/19/2015 09:29 PM
To: "44net@hamradio.ucsd.edu" 44net@hamradio.ucsd.edu
I had a guy ask me who I don't think is on this list yet, if its possible so have some 44 ips behind his gateway reachable from the public net, and all the remaining to use masquerading rather than the default 44/8 UCSD route. I told him I am sure it can be done.
I am sure there is more than one way to do this. Here is what I came up with, I mark the traffic type by matching source address (I am using some hosts on my lan to test). Set a rule for that, and then finally set a route based on that rule.
I am doing that on my system as well, but rather than using a separate rule that is matched by the mark, I use the mark to enable the masquerade in POSTROUTING.
(using a -m mark --mark 1 match)
But of course it can be done either way.
Rob