- 11-01-2006 #1 Just Joined!
- Join Date
- Nov 2006
- Posts
- 2
Router DMZ and Internal
My router configuration is Suse Linux 10.1 with Susefirewall2. My network configuration is an external network connected to the internet with 2 public IP addresses (80.xxx.xxx.55 and 80.xxx.xxx.60), a DMZ network with the 192.168.0.x IP range, and an internal network 192.168.1.x. I have added masquerading from public IP 80.xxx.xxx.60 to DMZ IP 192.168.0.10 port 25. The problem arises when the DMZ server 192.168.0.10 initiates a connection to the outside world: its IP address is masqueraded to 80.xxx.xxx.55 (the router's public IP), but I need 80.xxx.xxx.60. At the same time, when internal network computers go to the internet, their IP has to be 80.xxx.xxx.55 (currently it is so). Is it possible with Susefirewall2 to get what I need?
- 11-02-2006 #2
An iptables rule with SNAT in SuSEFirewall-custom should do the trick. Unfortunately, I don't know how to get this to work with SuSE FW rules.
"Really, I'm not out to destroy Microsoft. That will just be a completely unintentional side effect." Linus Benedict Torvalds
- 11-02-2006 #3 Just Joined!
- Join Date
- Nov 2006
- Posts
- 2
Nat rules
Currently Susefirewall2 has generated two NAT rules:
PREROUTING
DNAT tcp eth0 0.0.0.0/0 80.xxx.xxx.84 tcp dpt:22 to:192.168.0.10:22
POSTROUTING
MASQUERADE all eth0 0.0.0.0/0 0.0.0.0/0
I have also tried to add a custom SNAT rule to the POSTROUTING chain, but it does not help.
SNAT all eth1 192.168.0.10 0.0.0.0/0 to:80.xxx.xxx.84
Any idea?
- 11-03-2006 #4
Hm ... it's most probably because you receive data on eth0 and send on eth1. AFAIK traffic for one session has to use one NIC only.
"Really, I'm not out to destroy Microsoft. That will just be a completely unintentional side effect." Linus Benedict Torvalds


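Added example, not part of the original thread: a small Python model of first-match evaluation in the nat POSTROUTING chain, run against the rule layout quoted in post #3 and against a reordered layout. It assumes eth0 is the external interface (as the DNAT and MASQUERADE lines suggest) and that 80.xxx.xxx.55 is its primary address; the 203.0.113.x addresses and the internal host 192.168.1.20 are constructed stand-ins.

```python
import ipaddress
from dataclasses import dataclass

# Constructed stand-ins for the masked addresses in the thread (documentation range).
ROUTER_IP = "203.0.113.55"   # stands in for 80.xxx.xxx.55
MAIL_IP = "203.0.113.60"     # stands in for the second public address wanted for the DMZ server
IFACE_ADDR = {"eth0": ROUTER_IP}  # assumption: eth0 is external, ROUTER_IP is its primary address

@dataclass
class Rule:
    target: str                 # "SNAT" or "MASQUERADE"
    out_iface: str              # -o match (POSTROUTING can only match the outgoing interface)
    source: str = "0.0.0.0/0"   # -s match
    to_source: str = ""         # --to-source, SNAT only

    def matches(self, src, out_iface):
        return (out_iface == self.out_iface and
                ipaddress.ip_address(src) in ipaddress.ip_network(self.source))

def postrouting(chain, src, out_iface):
    """Return the source address after NAT; the first matching rule ends traversal."""
    for rule in chain:
        if rule.matches(src, out_iface):
            # MASQUERADE rewrites to the address of the outgoing interface.
            return rule.to_source if rule.target == "SNAT" else IFACE_ADDR[out_iface]
    return src  # no rule matched: packet leaves untranslated

masq = Rule("MASQUERADE", "eth0")
# Shape of the rule set quoted in the thread: SNAT bound to eth1, listed after MASQUERADE.
as_posted = [masq, Rule("SNAT", "eth1", "192.168.0.10", MAIL_IP)]
# Reordered: host-specific SNAT on eth0 placed ahead of the catch-all, e.g.
#   iptables -t nat -I POSTROUTING 1 -o eth0 -s 192.168.0.10 -j SNAT --to-source <public IP>
reordered = [Rule("SNAT", "eth0", "192.168.0.10", MAIL_IP), masq]

def egress_view(chain):
    """Source address the internet sees for the DMZ server and a constructed internal host."""
    return {src: postrouting(chain, src, "eth0") for src in ("192.168.0.10", "192.168.1.20")}

if __name__ == "__main__":
    print("as posted:", egress_view(as_posted))
    print("reordered:", egress_view(reordered))
```

In the model, a packet from 192.168.0.10 to the internet leaves through eth0, so a rule bound to eth1 is never consulted, and any rule placed after the catch-all MASQUERADE on eth0 is never reached.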