Damn it... the SnatGUI is broken as per its new version, and can't be used on the latest version of IPCOP. I got these instructions and modified it as necessary but it's still not working!
* The first IP address on the firewall is x.x.x.226
* The second IP address on the firewall is x.x.x.227 and is the IP address configured with our ISP to do reverse DNS to our mail server.
* The mail server has an internal IP address of 192.168.x.254
First, I created a function in /etc/rc.d/rc.firewall.local called custom_nat
# Accept PING traffic (we needed this to allow our external site monitors to ping the mail server)
/sbin/iptables -A CUSTOMFORWARD -p icmp -d 192.168.x.254 -j ACCEPT
# Do source natting for the mail server. Change 192.168.x.254 to x.x.x.227
/sbin/iptables -t nat -A CUSTOMPOSTROUTING -s 192.168.x.254 -j SNAT —to-source x.x.x.227
# Do source natting for the rest of the network.
/sbin/iptables -t nat -A CUSTOMPOSTROUTING -s 192.168.x.0/24 -j SNAT —to-source x.x.x.226
Second, I added this call to start case in rc.firewall.local
case “$1” in
## add your ‘start’ rules here
#Added for zerina start - BEGIN
#Added for zerina start - END