[systemd-devel] [SPAM] Re: Custom options and passing options via command line.
Lennart Poettering
lennart at poettering.net
Tue May 10 13:12:09 UTC 2022
On Mo, 09.05.22 20:00, Kamil Jońca (kjonca at op.pl) wrote:
> Kamil Jońca <kjonca at fastmail.com> writes:
>
>
> > Let's see.
> > from SYSTEMD.NETWORK(5)
> > ...
> > IPMasquerade=
> > Configures IP masquerading for the network interface. If
> > enabled, packets forwarded from the network interface will be
> > appear as coming from the local host.
> > ....
> >
> >
> > I still do not know what mean "local host" here. I guess that this will
> > be interface address. :)
> >
> > I still do not know if this is rather "snat" or rather "masquerade". How
> > can I decide which to use. And what engine is used here.
> >
>
> Another question:
> 1. "partial nat"
> 3 interfaces qemu1 , qemu2, and eth
> I want to nat treffic from qemu1 via eth but not qemu2
> (NB this is the place, where I use mu custom option in
> /etc/network/interfaces which means "NAT this traffic" )
This sounds as if you just want to set IPMasquerade=yes on the
.network file that matche's qemu1's interface, and that's it.
> 2. nat based on destination network.
>
> I want to nat only traffic to say, 192.168.10.0/24, leaving rest
> untouched. (This is case when I have ipsec tunnel and I want to nat only
> traffic to other endpoint)
If this does not deal in interfaces, but in IP addresses instead, no
need to involve networkd. Just define the firewall outside of
networkd?
Lennart
--
Lennart Poettering, Berlin
More information about the systemd-devel
mailing list