Fun with the mangle table + LARTC
gdh at acentral.co.uk
Mon Aug 1 17:41:19 CEST 2005
On Monday 01 August 2005 14:01, /dev/rob0 wrote:
> Gavin Hamill wrote:
> > Hi - this is one of those "not sure if it's netfilter or LARTC" issues,
> I'm not sure either, but here's a guess.
> > -A POSTROUTING -s 10.0.0.0/255.255.255.0 -o eth1 -j MASQUERADE
> > -A POSTROUTING -s 10.0.0.0/255.255.255.0 -o eth2 -j MASQUERADE
> Why MASQUERADE? Try using SNAT rules.
MASQ because the IP addresses on each interface are DHCP - home ISPs - not
business ones :)
> > using tcpdump I can see the outgoing and reply packets on eth2 with the
> > correct source address (i.e. the one the ISP on eth2 gives me) set, but
> > tcpdump on eth0 shows only the packets from the MASQ'd host - the replies
> > from the Internet host are not passed through.
> Is there anything dropping the packets in FORWARD? Try tracking with
> iptables LOG rules rather than tcpdump.
OK, I'll give that a whirl :)