All of lore.kernel.org
 help / color / mirror / Atom feed
* Question about "masquerade"
@ 2022-05-09 14:37 Kamil Jońca
  2022-05-09 16:49 ` Florian Westphal
  2022-05-10 11:34 ` Maximiliano Estudies
  0 siblings, 2 replies; 3+ messages in thread
From: Kamil Jońca @ 2022-05-09 14:37 UTC (permalink / raw)
  To: netfilter


Maybe I miss something obvious in documentation.
How stable is "masquerade"
I know that it translates addresses.
But what about ports? Changes them somehow? Keepos original?
KJ

-- 
http://wolnelektury.pl/wesprzyj/teraz/

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: Question about "masquerade"
  2022-05-09 14:37 Question about "masquerade" Kamil Jońca
@ 2022-05-09 16:49 ` Florian Westphal
  2022-05-10 11:34 ` Maximiliano Estudies
  1 sibling, 0 replies; 3+ messages in thread
From: Florian Westphal @ 2022-05-09 16:49 UTC (permalink / raw)
  To: Kamil Jońca; +Cc: netfilter

Kamil Jońca <kjonca@op.pl> wrote:
> 
> Maybe I miss something obvious in documentation.
> How stable is "masquerade"
> I know that it translates addresses.
> But what about ports? Changes them somehow? Keepos original?

Depends.  Default behaviour is to change the port if keeping it
the same would result in a conflicting mapping.

See MASQUERADE --random in iptables-extensions man page or
random flag in nft man page.

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: Question about "masquerade"
  2022-05-09 14:37 Question about "masquerade" Kamil Jońca
  2022-05-09 16:49 ` Florian Westphal
@ 2022-05-10 11:34 ` Maximiliano Estudies
  1 sibling, 0 replies; 3+ messages in thread
From: Maximiliano Estudies @ 2022-05-10 11:34 UTC (permalink / raw)
  To: netfilter

Hi Kamil,

From the nftwiki docs: "Masquerade is a special case of SNAT, where
the source address is automagically set to the address of the output
interface", so it's just like SNAT without specifying the source
address which then gets assigned dynamically depending on the output
interface. You con also configure the port with "masquerade to :1024"

El lun, 9 may 2022 a las 16:38, Kamil Jońca (<kjonca@op.pl>) escribió:
>
>
> Maybe I miss something obvious in documentation.
> How stable is "masquerade"
> I know that it translates addresses.
> But what about ports? Changes them somehow? Keepos original?
> KJ
>
> --
> http://wolnelektury.pl/wesprzyj/teraz/



-- 
Maximiliano Estudies
VDT Referat Beschallung
+49 176 36784771
omslo.com
maxiestudies.com

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2022-05-10 11:34 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-05-09 14:37 Question about "masquerade" Kamil Jońca
2022-05-09 16:49 ` Florian Westphal
2022-05-10 11:34 ` Maximiliano Estudies

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.