Можно ли в Linux настроить NAT с пулом внешних IP адресов
>Можно ли в Linux настроить NAT с пулом внешних IP адресовПервая идея, залетевшая в голову (для 4 адресов):
-m statistic --mode nth --every 4 -j SNAT IP1
-m statistic --mode nth --every 3 -j SNAT IP2
-m statistic --mode nth --every 2 -j SNAT IP3
-j SNAT IP4
man iptables--to-source ipaddr[-ipaddr][:port[-port]]
which can specify a single new source IP address, an inclusive range of IP addresses, and optionally, a port range (which is only valid
if the rule also specifies -p tcp or -p udp). If no port range is specified, then source ports below 512 will be mapped to other ports
below 512: those between 512 and 1023 inclusive will be mapped to ports below 1024, and other ports will be mapped to 1024 or above.
Where possible, no port alteration willIn Kernels up to 2.6.10, you can add several --to-source options. For those kernels, if you specify more than one source address, either
via an address range or multiple --to-source options, a simple round-robin (one after another in cycle) takes place between these
addresses. Later Kernels (>= 2.6.11-rc1) don't have the ability to NAT to multiple ranges anymore.
>[оверквотинг удален]
>
>
> In Kernels up to 2.6.10, you can add several
>--to-source options. For those kernels, if you specify more than
>one source address, either
>
> via an address range or
> multiple --to-source options, a simple round-robin (one
>after another in cycle) takes place between these
> addresses. Later Kernels (>= 2.6.11-rc1) don't have the ability to NAT to multiple ranges anymore.Теперь можно по русски
>[оверквотинг удален]
>> In Kernels up to 2.6.10, you can add several
>>--to-source options. For those kernels, if you specify more than
>>one source address, either
>>
>> via an address range or
>> multiple --to-source options, a simple round-robin (one
>>after another in cycle) takes place between these
>> addresses. Later Kernels (>= 2.6.11-rc1) don't have the ability to NAT to multiple ranges anymore.
>
>Теперь можно по русски