#StackBounty: #networking #iptables #routing #nat change source address of outgoing traffic destined to second network alias of source …

Bounty: 50

I have the following setup:

ip addr:

2: ens4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 01:12:23:34:45:5f brd ff:ff:ff:ff:ff:ff
    inet xxx.xxx.xxx.xxx/24 brd xxx.xxx.xxx.xxx scope global ens4
       valid_lft forever preferred_lft forever
    inet scope global ens4:1
       valid_lft forever preferred_lft forever
    inet scope global secondary ens4:2
       valid_lft forever preferred_lft forever

I would like to have all traffic from destined to to show as if the source was

The reason is that I have a specific configuration on postgres that I cannot change. This postgres is only accepting connections when source is, so if source becomes then connection will be refused.

The above question is the result of an answer received here: How to add ip route to route traffic through interface when destination is also that interface (it is not possible to change the source IP address with static routes when two aliases are configured within the same network)

The answer to the following question seems to be related to my question, although it does not result in a rule being added: https://unix.stackexchange.com/questions/243451/iptables-change-local-source-address-if-destination-address-matches

I already tried the following NAT rules:

iptables -t nat -A POSTROUTING -o ens4 -j MASQUERADE
iptables -A FORWARD -i ens4 --source -o -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i ens4 --source -o -j ACCEPT

The above is derived from here: http://www.revsys.com/writings/quicktips/nat.html
