Hi every one
Its my first time to share my problems here ,
I have estiblished an internet connection in my lab using two static public adresses
. I have used iptables to establish connections between the tow wans and their internal lans. I have faced some problems. I will start with this one.
I use wireshark to observe packets exiting and entering and i have noticed that :
In the case of using packets of type ICMP or TCP the reply packets and acknowledge packets does not change their source ip to the masqurade ip address of the ubuntu router.
While other packets (UDP or non reply) are masqueraded right.

Any thouths ??
Thanks
Ayman

Are your two (2) static IP's on the same physical interface or on different physical interface?

of course they are two different WANS as i mentioned before no common nic cards.
any way as I read about mangle table that it affects the MASQUERADE or SNAT; but as im facing rigth now that when i access the packets from inside the nfqueue program the out going packets are changed as i want, but for example if i am pinging from on wan to another the request packet goes right, but if its a reply packet MASQUERADE does not work, same as for TCP packets and its ACK packets.

Sorry, I did not see anything in your original post stating you were using 2 nic cards only that you are using two public IP Addresses.

Sorry I'm not familiar with nfqueue myself. But I am going to question where you are pulling your traffic off the wire to see that they are not being masqueraded. Do you have another device sitting between your lab and the wan that is showing you that your packets are not masqueraded? Or are you pulling them directly off the lab device?