Package: iptables Version: 1.4.2 Using Source NAT in iptables on pool of IP addresses you get new IP address from pool for every new traffic flow. In example, opening web page in a browser occurs from IP address 1 in pool, while following a link on that page occurs from IP address 2. Some web sites and network applications consider such behavior as security threat, and doesn't allow user to proceed. Option -j SAME in iptables was designed to overcome such problems, but it's now obsolete, and no longer available. Option -j SNAT should use algorithm of -j SAME, but it doesn't.
Iptables configuration example: -A POSTROUTING -s 10.0.4.0/24 -o eth0.128 -j SNAT --to-source x.x.128.220-x.x.128.223 Using Debian Linux 2.6.26-2-686 #1 SMP Mon Jun 21 05:58:44 UTC 2010 i686 GNU/Linux
