The masquerading (and forwarding) code uses all the information available to
it
when making route decisions, so the cleanest way I can see to achieve the
result
you ask for is to put a second Linux box in between your router and the
private
network. This masquerade box then will have a valid IP address on your
internal
subnet, so all of the masqueraded traffic will appear to come from there;
the
router then will only have to deal with the problem of forwarding (and
perhaps
filtering) the traffic, and not faking up the source address of the
masquraded stuff.
Quote:> Hello
> I have a linux box which should work as router for two subnets to the
internet.
> One subnet has valid IP addresses but the other subnet with private IPs
has to be masqueraded. Is it possible to masquerade this subnet with an IP
address from the other subnet or with the IP of the router port which is
connected to the valid subnet and not with the IP address of the router port
which is connected to the internet which is the default?