Is it OK to use an iptables SNAT rule with an inverted -o parameter?

Would it be OK/reliable to use just one rule?

iptables -t nat -I POSTROUTING ! -o eth2 -s 192.168.10.0/24 -j SNAT --to PUBLIC_IP_ADDRESS

The BGP Linux router has 25 Ethernet interfaces. This iptables rule with "! -o XY" should allow the traffic to be SNATed and leave the router through all interfaces other than eth2. Behind the eth2 interface there is a local network, 192.168.10.0/24. The machines in that local network should communicate with the outside world through eth0, eth1, eth3, eth4.

So I guess it is the more common variant to use "! -o eth2", because then it is not necessary to write 4 SNAT rules, one for each interface eth0, eth1, eth3, eth4.

I'm just not sure if it is a good idea to set it up this way... In the lab, where I have a test version of the network, including 2 BGP upstream peers, it seems to work well...

If your answer is no/yes, please tell me why as well.

Thank you a lot. Pep.


I'll answer myself... Yes, it works perfectly...
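
What "! -o eth2" covers, as an added example that is not part of the original posts: a shell model of the rule's two match conditions, plus an expansion into the explicit per-interface rules the single negated rule stands for. The function names and the tun0 interface are assumptions made for illustration; PUBLIC_IP_ADDRESS is the question's own placeholder.

```shell
#!/bin/sh
# Added example: model of the rule from the question
#   iptables -t nat -I POSTROUTING ! -o eth2 -s 192.168.10.0/24 -j SNAT --to PUBLIC_IP_ADDRESS
LAN_IF="eth2"              # interface the rule negates
LAN_NET="192.168.10.0/24"  # source network the rule matches

# Dotted-quad IPv4 address -> integer (subshell body keeps the IFS change local).
ip_to_int() (
    IFS=.
    set -- $1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# True when the address in $1 lies inside LAN_NET.
in_lan_net() (
    net="${LAN_NET%/*}"
    bits="${LAN_NET#*/}"
    mask=$(( (4294967295 << (32 - $bits)) & 4294967295 ))
    [ $(( $(ip_to_int "$1") & $mask )) -eq $(( $(ip_to_int "$net") & $mask )) ]
)

# The rule's two conditions: "! -o LAN_IF" and "-s LAN_NET".
snat_rule_matches() {   # $1 = output interface, $2 = source address
    [ "$1" != "$LAN_IF" ] && in_lan_net "$2"
}

# Print the explicit per-interface rules that the negated rule is equivalent to.
# $1 = excluded interface; remaining arguments = interfaces (default: all on this host).
expand_negated_snat() {
    excluded="$1"; shift
    [ "$#" -gt 0 ] || set -- $(ls /sys/class/net 2>/dev/null)
    for ifc in "$@"; do
        [ "$ifc" = "$excluded" ] && continue
        # --to-source is the full spelling of the --to used in the question
        printf 'iptables -t nat -I POSTROUTING -o %s -s %s -j SNAT --to-source PUBLIC_IP_ADDRESS\n' "$ifc" "$LAN_NET"
    done
}

# Constructed interface list: the five named in the question plus tun0, a
# hypothetical interface added later, which the negated rule also covers.
for ifc in eth0 eth1 eth2 eth3 eth4 tun0; do
    if snat_rule_matches "$ifc" 192.168.10.5; then echo "$ifc: SNAT"; else echo "$ifc: no SNAT"; fi
done
expand_negated_snat "$LAN_IF" eth0 eth1 eth2 eth3 eth4 tun0
```

On the router itself, `iptables -t nat -L POSTROUTING -v -n` shows the packet counters of the live rule, and running `expand_negated_snat eth2` with no interface list expands against every interface currently present.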