I have to test SNMP 2c Traps. I want to send those traps from some computer and the trap destination has iptables. So before the trap enters the NMS, I could just rewrite the real source of the trap to the desired source of the trap (an UPS).
example:
$IPTABLES -t nat -A PREROUTING -o em+ -p udp -m udp -s 1.2.3.4 -d 10.1.2.3 --dport 162 -j SNAT --to-source 10.1.2.4
Simulation computer: 1.2.3.4
NMS: 10.1.2.3
UPS: 10.1.2.4
The problem is: The PREROUTING chain doesn't allow SNAT. As far as I understand, I don't need to reply to that trap. I just have to receive the complete information packet. So I shouldn't need connection tracking.
Can anybody help me?
Thanks
