[TriLUG] IPTables - disable NAT for a specific source/destination

Ron Kelley via TriLUG trilug at trilug.org
Wed Jun 6 08:23:51 EDT 2018


Greetings all,

I have a test bed running using IPTables on a RHEL 7 server (a “firewall” machine). This machine provides NAT services for an inside network to an outside network. For my test, the outside network has the IP space of 172.16.100.0/24, and the inside network has the IP space of 192.168.100.0/24. The firewall has two IP Addresses: 172.16.100.10 (outside) and 192.168.100.1 (inside).

As you might expect, all VMs on the inside network go through the firewall, and their source IP gets NAT’d to the 172.16.100.10 IP.  All working well.

However, I have a unique requirement for one of the inside VMs to go through the firewall w/out a NAT address.  Essentially, this particular machine needs a “no nat” statement in the IPTables rules.  In this case, the firewall is simply a router.

I have searched Google for any sort of “no nat” example but can’t find it. Does anyone have a sample they can share?


Thanks,

-Ron
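
One way to express the “no nat” exemption asked about above, as an added example that is not part of the original post: an ACCEPT rule in the nat table's POSTROUTING chain placed ahead of the source-NAT rule, plus a check that the ordering is right. The exempt VM address 192.168.100.50, the interface name eth0, and the use of SNAT (rather than MASQUERADE) are assumptions; the networks and the firewall address come from the post.

```shell
#!/bin/sh
# Added example. Values marked "from the post" are Ron's; the rest are assumed.
INSIDE_NET="192.168.100.0/24"   # inside network (from the post)
OUTSIDE_IP="172.16.100.10"      # firewall outside address (from the post)
NO_NAT_HOST="192.168.100.50"    # hypothetical VM that must keep its own source IP
OUT_IF="eth0"                   # hypothetical outside interface name

# Emit the nat table in iptables-restore format. Rules are checked top to
# bottom and a packet that hits ACCEPT stops traversing the chain, so the
# exemption has to sit above the SNAT rule covering the whole inside network.
nat_rules() {
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s ${NO_NAT_HOST}/32 -o ${OUT_IF} -j ACCEPT
-A POSTROUTING -s ${INSIDE_NET} -o ${OUT_IF} -j SNAT --to-source ${OUTSIDE_IP}
COMMIT
EOF
}

# Read iptables-save output on stdin; succeed only if an ACCEPT for host $1
# precedes the first SNAT/MASQUERADE rule in POSTROUTING.
exempt_before_nat() {
    awk -v host="$1" '
        $1 == "-A" && $2 == "POSTROUTING" {
            n++
            if (!nat && /-j (SNAT|MASQUERADE)/) nat = n
            if (!ex && /-j ACCEPT/ && index($0, "-s " host "/32")) ex = n
        }
        END { exit !(ex && (!nat || ex < nat)) }
    '
}

# Offline check of the generated rules. On the firewall (as root):
#   nat_rules | iptables-restore            # replaces the nat table
#   iptables-save -t nat | exempt_before_nat "$NO_NAT_HOST"
if nat_rules | exempt_before_nat "$NO_NAT_HOST"; then
    echo "ok: ${NO_NAT_HOST} leaves un-NATed; rest of ${INSIDE_NET} is SNATed"
fi
```

With the exemption in place the firewall only routes that VM's traffic, so hosts on the outside network need a route to 192.168.100.0/24 (or to the exempt host) via 172.16.100.10 for replies to come back.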

