LinuxQuestions.org


Yazeed98 12-18-2015 04:20 PM

Gre tunnel redirect.
 
Hello LinuxQuestions, I want to ask a question about a GRE tunnel. I have made it work and the ping between the two servers is working fine (the tutorial: http://wiki.buyvm.net/doku.php/gre_tunnel), but the issue that I have is when I am using these commands:
iptables -t nat -A PREROUTING -d YOUR_FILTERED_IP -j DNAT --to-destination 192.168.168.2 -p tcp --dport 80
iptables -A FORWARD -d 192.168.168.2 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT -p tcp --dport 80

It works fine with TCP and shows the real IP, but I can't do it with a UDP port (9987, the TeamSpeak port):
iptables -t nat -A PREROUTING -d YOUR_FILTERED_IP -j DNAT --to-destination 192.168.168.2 -p udp --dport 9987
iptables -A FORWARD -d 192.168.168.2 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT -p udp --dport 9987

It failed to connect to the server.
Any advice about that?

Thanks a lot.

brebs 12-18-2015 04:48 PM

UDP is stateless, so you should probably remove the "-m state --state NEW,ESTABLISHED,RELATED".

Yazeed98 12-19-2015 02:40 AM

Thanks for replying,
I have tried to do this:
iptables -t nat -A PREROUTING -d FILTERIP -j DNAT --to-destination 192.168.168.2 -p udp --dport 9987
iptables -A FORWARD -d 192.168.168.2 -j ACCEPT -p udp --dport 9987

but same thing: it won't connect/redirect to the main server.

brebs 12-19-2015 03:56 AM

As usual, use tcpdump to see the *actual* traffic.

Yazeed98 12-19-2015 05:24 AM

Quote:

Originally Posted by brebs (Post 5466278)
As usual, use tcpdump to see the *actual* traffic.

I have fixed the problem by having the server listen on "192.168.168.2",
but the main IP can't connect to the server, so
FILTEREDIP > SERVER-A = worked fine, but
MAIN-IP of server-A won't work.

Any advice?

Thanks a lot.

Yazeed98 12-25-2015 05:11 AM


Update:
The tunnel works fine and the ping works fine. I also tested this command to port 80 (Apache):

Server-1

iptables -t nat -A PREROUTING -d S1-Public-IP -j DNAT --to-destination 192.168.10.2 -p udp --dport 9987
iptables -A FORWARD -d 192.168.10.2 -j ACCEPT -p udp --dport 9987

Server-2

iptables -t nat -A PREROUTING -d S2-Public-IP -j DNAT --to-destination 192.168.168.2 -p udp --dport 9987
iptables -A FORWARD -d 192.168.168.2 -j ACCEPT -p udp --dport 9987

And Apache worked between them:

http://Mainip/ < main ip

http://S1-IP/ < gre1 (192.168.10.2)

http://S2-IP/ < gre2 (192.168.168.2)

I want to make it work with a TeamSpeak server (UDP), but I can only bind to one IP (192.168.10.2 or 192.168.168.2 or the main IP). If I bind to gre1, only IPs from the gre1 tunnel can access the server; others cannot.

I have tried to bind to 0.0.0.0, but it only binds to the main IP.

Note: these are the commands I used to make the GRE tunnel:
http://pastebin.com/STDRmGa6

Any advice?
Thanks for your time.

