iptables - strange behaviour of nat??
I set up iptables masquerade on the "server".... The clients have a good gateway, and they can ping machines outside the NAT, DNS works too, but nothing else :( TCP and UDP packets go to the server and... are dropped???
I couldn't post the tcpdump dump publicly because I haven't got 5 posts (there are URLs in it) :( So if someone would like to help me, it's here: cobra<dot>eu<dot>org/tcpdump.txt
Have you read the IP masquerading HOWTO? If not, then visit http://en.tldp.org/HOWTO/IP-Masquerade-HOWTO/ . Make sure that you use a simple firewall script such as http://en.tldp.org/HOWTO/IP-Masquera...FIREWALL-2.4.X the first time. Use iptables -nvL to see which policy is in action. I hope that helps!
It wasn't my first masquerade.... but the first where I had to change the TTL target ;) This provider checks if the TTL is different from 64 (Linux), 255 (Windows)..... Masquerade decreases the TTL by one, so my masq has been sending 63, 254... :(
iptables -t mangle -A PREROUTING -i eth1 -j TTL --ttl-set 64
and everything is ok ;)
You have to patch the kernel with patch-o-matic from netfilter.org
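As an added example (not part of any post in this thread): a Python check of the TTL values in `tcpdump -n -v` output taken on the gateway's outside interface, using the 64 and 255 values given in the thread as the expected initial TTLs. The sample capture, the addresses and the function names are constructed for illustration.

```python
import re

# Initial TTL values the poster says the provider expects (taken from the thread).
EXPECTED_TTLS = (64, 255)

# `tcpdump -n -v` prints an IPv4 header line, then an indented address line.
HEADER_RE = re.compile(r"^\S+ IP \(tos [^,]+, ttl (\d+),")
ADDR_RE = re.compile(
    r"^\s+(\d+\.\d+\.\d+\.\d+)(?:\.\d+)? > (\d+\.\d+\.\d+\.\d+)(?:\.\d+)?:")

def parse_ttls(text):
    """Return [(src, dst, ttl), ...] for each IPv4 packet in tcpdump -v text."""
    packets, ttl = [], None
    for line in text.splitlines():
        m = HEADER_RE.match(line)
        if m:
            ttl = int(m.group(1))
            continue
        m = ADDR_RE.match(line)
        if m and ttl is not None:
            packets.append((m.group(1), m.group(2), ttl))
            ttl = None
    return packets

def hops_behind(ttl, expected=EXPECTED_TTLS):
    """Routers crossed, assuming the sender started at the nearest expected TTL."""
    candidates = [e for e in expected if e >= ttl]
    return min(candidates) - ttl if candidates else None

def summarize(text):
    """Map each source address to the set of hop counts seen for it.

    More than one hop count for a single address means some of its traffic
    was forwarded (and decremented) by that host rather than originated there.
    """
    result = {}
    for src, _dst, ttl in parse_ttls(text):
        result.setdefault(src, set()).add(hops_behind(ttl))
    return result

# Constructed sample: three packets leaving a masquerading gateway (203.0.113.5).
SAMPLE = """\
06:27:01.000001 IP (tos 0x0, ttl 63, id 4021, offset 0, flags [DF], proto TCP (6), length 60)
    203.0.113.5.40112 > 198.51.100.7.80: Flags [S], seq 1, win 5840, length 0
06:27:01.000200 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84)
    203.0.113.5 > 198.51.100.7: ICMP echo request, id 7, seq 1, length 64
06:27:01.000350 IP (tos 0x0, ttl 254, id 991, offset 0, flags [none], proto UDP (17), length 56)
    203.0.113.5.1031 > 198.51.100.9.53: 2+ A? example.org. (28)
"""

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

Running the same check on a capture taken after the mangle rule is in place shows whether the forwarded packets still leave with a decremented TTL.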