Error in Masquerade ??
Jorge Davila
davila at nicaraguaopensource.com
Fri Mar 10 16:27:14 CET 2006
Leandro:
You need another rule to alter the source ip address of the outgoing
packets.
iptables -t nat -A POSTROUTING -o eth0 \
-j SNAT --to-source <server_address>
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
Jorge.
El vie, 10-03-2006 a las 12:01 -0300, Leandro Silva escribió:
> I have the following rule in my firewall:
> iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
> And that's the only rule if postrouting chain. It's working fine but
> from time to time a packet leaves the server with the original ip and
> not with the server's. It's happening like 1 "wrong" packet for 100
> or 200 ok.
> I've tried in other servers with same results and different
> "Mandrakes" ( 9.1, 10,1 and 2006.0 ). And different cpus ( p3, p4,
> amd, all with 512 mb ram ).
> Any ideias ?
>
> Thanks a lot
> Leandro
>
--
Jorge Isaac Davila Lopez
Nicaragua Open Source
+505 808 2478
davila at nicaraguaopensource.com
More information about the netfilter
mailing list