this a split-off of NAT: Masquerade can leak private IP, why&how?
Src-IP masqueraded packet is always the IP of the interface, of course, it makes sense and you have to define the IP of an interface otherwise you don't have a route so the routing table is incomplete.
Where else is shall take it from when not defining it:
Code: Select all
/ip address
add address=xxx.xxx.xxx.xxx/yy interface=....
Code: Select all
/ip firewall nat
add chain=srcnat
If the interface has more than one IP it is probably the first IP, isn't it?