Changes


Using NAT for container with private IPs

25 bytes added, 15:39, 27 January 2009
fixed bad iptables -s example (thanks to laurento frittella, bug #1158), fixed a typo in IP address
</pre>
where <tt>src_net</tt> is a range of IP addresses of containers to be translated by SNAT, and <tt>ip_address</tt> is the external IP address of your [[Hardware Node]]. The format of <tt>src_net</tt> is xx.xx.xx.xx/xx ([[w:CIDR|CIDR notation]]). For example, to specify IP addresses from 192.168.2.1 through 192.168.2.127 use:
<pre>
# iptables -t nat -A POSTROUTING -s 192.168.2.0/25 -o eth0 -j SNAT --to ip_address
</pre>
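iptables accepts a <tt>-s</tt> value whose host bits are set and masks it to the network address, so a mistyped <tt>src_net</tt> can translate a different range than the one intended. The following is an added example, not part of the original page: it normalises a <tt>src_net</tt>, reports the first and last address it covers, and prints the SNAT rule without running it. The function names and the external address 203.0.113.10 are constructed for illustration.

```sh
# Added example, not from the original page. Function names are illustrative.

# ip_to_int A.B.C.D -> prints the address as a 32-bit integer; status 1 if malformed
ip_to_int() {
    case $1 in ""|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in 0?*|????*) return 1 ;; esac   # no leading zeros, max 3 digits
        [ "$o" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# cidr_info ADDR/LEN -> prints "NETWORK/LEN FIRST LAST"
# status: 0 = ADDR is the network address, 1 = host bits were set, 2 = malformed
cidr_info() {
    case $1 in */*) ;; *) return 2 ;; esac
    addr=${1%/*}; len=${1##*/}
    case $len in ""|*[!0-9]*|0?*|???*) return 2 ;; esac
    [ "$len" -le 32 ] || return 2
    ip=$(ip_to_int "$addr") || return 2
    mask=$(( (0xFFFFFFFF << (32 - $len)) & 0xFFFFFFFF ))
    net=$(( $ip & $mask ))
    last=$(( $net | ($mask ^ 0xFFFFFFFF) ))
    echo "$(int_to_ip "$net")/$len $(int_to_ip "$net") $(int_to_ip "$last")"
    [ "$ip" -eq "$net" ]
}

# snat_rule SRC_NET EXT_IP [IFACE] -> prints the rule text (does not run iptables)
snat_rule() {
    info=$(cidr_info "$1") || {
        [ $? -eq 1 ] || { echo "bad src_net: $1" >&2; return 2; }
        echo "warning: $1 has host bits set, rule matches ${info%% *}" >&2
    }
    ip_to_int "$2" >/dev/null || { echo "bad ip_address: $2" >&2; return 2; }
    echo "iptables -t nat -A POSTROUTING -s ${info%% *} -o ${3:-eth0} -j SNAT --to $2"
}

# Constructed sample values: the page's src_net and a documentation-range external IP.
cidr_info 192.168.2.0/25
snat_rule 192.168.2.0/25 203.0.113.10
```

Review the printed range before adding the rule: every address between FIRST and LAST will be translated, including any that are not assigned to a container.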
If you are using an iptables firewall (for example, the default RedHat/CentOS firewall), don't forget to allow outgoing connections from your containers. For example, if you are using the subnet 172.16.150.0/24 for your VMs, you should do the following:
<pre>
# /sbin/iptables -A RH-Firewall-1-INPUT -s 172.16.150.0/24 -j ACCEPT
# /sbin/iptables-save > /etc/sysconfig/iptables
# /sbin/service iptables restart
