1This target is only valid in the 2.B nat 3table, in the 4.B POSTROUTING 5and 6.B INPUT 7chains, and user-defined chains which are only called from those 8chains. It specifies that the source address of the packet should be 9modified (and all future packets in this connection will also be 10mangled), and rules should cease being examined. It takes the 11following options: 12.TP 13\fB\-\-to\-source\fP [\fIipaddr\fP[\fB\-\fP\fIipaddr\fP]][\fB:\fP\fIport\fP[\fB\-\fP\fIport\fP]] 14which can specify a single new source IP address, an inclusive range 15of IP addresses. Optionally a port range, 16if the rule also specifies one of the following protocols: 17\fBtcp\fP, \fBudp\fP, \fBdccp\fP or \fBsctp\fP. 18If no port range is specified, then source ports below 512 will be 19mapped to other ports below 512: those between 512 and 1023 inclusive 20will be mapped to ports below 1024, and other ports will be mapped to 211024 or above. Where possible, no port alteration will occur. 22In Kernels up to 2.6.10, you can add several \-\-to\-source options. For those 23kernels, if you specify more than one source address, either via an address 24range or multiple \-\-to\-source options, a simple round-robin (one after another 25in cycle) takes place between these addresses. 26Later Kernels (>= 2.6.11-rc1) don't have the ability to NAT to multiple ranges 27anymore. 28.TP 29\fB\-\-random\fP 30If option 31\fB\-\-random\fP 32is used then port mapping will be randomized through a hash-based algorithm (kernel >= 2.6.21). 33.TP 34\fB\-\-random-fully\fP 35If option 36\fB\-\-random-fully\fP 37is used then port mapping will be fully randomized through a PRNG (kernel >= 3.14). 38.TP 39\fB\-\-persistent\fP 40Gives a client the same source-/destination-address for each connection. 41This supersedes the SAME target. Support for persistent mappings is available 42from 2.6.29-rc2. 43.PP 44Kernels prior to 2.6.36-rc1 don't have the ability to 45.B SNAT 46in the 47.B INPUT 48chain. 49.TP 50IPv6 support available since Linux kernels >= 3.7. 51