I have a router pc with 9 ether ports.
ether 1 - 192.168.102.1 - from rb600 with back bone links
ether 2 - 192.168.101.1 - from rb433 public hotspot
ether 3 - 192.168.103.1 - from internet
ether 4 - 192.168.104.1 - pc
ether 5 - 192.168.105.1 - from radius manager
ether 6 - 192.168.106.1 - from rb433 ap
ether 7 - 192.168.107.1 - from internet
ether 8 - 192.168.108.1 - to voip server. This is used by our subscriber of our internal nertwork only. Never from th internet
ether 9 - not used
Only ether 3 and 7 need to be masquraded.
0 chain=srcnat action=accept dst-address=192.168.108.2
1 chain=srcnat action=masquerade
2 chain=dstnat action=redirect to-ports=8080 protocol=tcp dst-port=80
connection-mark=http-conn
3 chain=dstnat action=dst-nat to-addresses=196.43.2.142 protocol=tcp
dst-port=25
Is there any way of only aplying the masqurade rule to ether 3 & 7 only ??