For example, I will configure IPv4 masquerading (NAT) on Ubuntu Server.
First you need to enable packet forwarding in /etc/sysctl.conf so that traffic can walk between different network interfaces.
Let’s check the current status:
sysctl net.ipv4.conf.all.forwarding cat /proc/sys/net/ipv4/ip_forward
If it is 0, then enable it with the following command:
sysctl -w net.ipv4.conf.all.forwarding=1
To keep this after the system restart, open the file /etc/sysctl.conf for example in the nano editor (Ctrl + X to exit, y / n to save or discard changes):
And add the line:
If necessary, you can clear existing NAT rules:
iptables -t nat --flush
Now in iptables add a masking rule, for example:
iptables -t nat -A POSTROUTING -s 192.168.99.0/24 -j SNAT --to-source 172.16.16.94
Where, 192.168.99.0/24 internal network, and 172.16.16.94 the address through which you need to go to the Internet, similarly prescribed other internal networks.
Do not forget to save the added iptables rules.
For example, you can open the network interface configuration file (its contents are loaded at system startup):
And at the end add iptables rules, for example I will indicate the masquerading of this network at once to several IP addresses, and also with the indication of the network interface:
post-up /sbin/iptables -t nat -A POSTROUTING -s 192.168.99.0/24 -o eth3 -j SNAT --to-source 172.16.90.1-172.16.90.5 --persistent