17 lines
618 B
Groff
17 lines
618 B
Groff
Similar to SNAT/DNAT depending on chain: it takes a range of addresses
|
|
(`\-\-to 1.2.3.4\-1.2.3.7') and gives a client the same
|
|
source-/destination-address for each connection.
|
|
.PP
|
|
N.B.: The DNAT target's \fB\-\-persistent\fP option replaced the SAME target.
|
|
.TP
|
|
\fB\-\-to\fP \fIipaddr\fP[\fB\-\fP\fIipaddr\fP]
|
|
Addresses to map source to. May be specified more than once for
|
|
multiple ranges.
|
|
.TP
|
|
\fB\-\-nodst\fP
|
|
Don't use the destination-ip in the calculations when selecting the
|
|
new source-ip
|
|
.TP
|
|
\fB\-\-random\fP
|
|
Port mapping will be forcibly randomized to avoid attacks based on
|
|
port prediction (kernel >= 2.6.21).
|