SNAT for two interfaces not working
Sheldon Hearn
sheldonh at clue.co.za
Wed Sep 28 16:08:23 CEST 2005
On Wednesday 28 September 2005 15:51, David Coulson wrote:
> Sheldon Hearn wrote:
> > So basically, the SYN+ACK is arriving back at the firewall, but the
> > firewall then ignores it. If I add logging, I see the packet hit
> > PREROUTING, but that's it.
>
> Disable return path filtering on the interfaces.
>
> echo 0 > /proc/sys/net/ipv4/conf/eth0/rp_filter
>
> David
For the integrity of the archives, it was actually
net.ipv4.conf.eth2.rp_filter; I forgot to mention that, and I'd hate
for someone else to struggle any more than necessary with the same
problem.
But again, thank you so much.
Ciao,
Sheldon.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/netfilter/attachments/20050928/0382f03f/attachment.pgp
More information about the netfilter
mailing list