Nat & Https

poubelle2003200 · 03-27-2004, 02:25 PM

Hi,

I am trying to setup my LAN to access the internet using IPTABLES under Gentoo (Kernel 2.6, ip_conntrack cmpiled into the kernel).

My default policy is to accept everything (IN,OUT,FORWARD) and i added a SNAT using iptables.

The web is working well but computers in my LAN can't access https. I don't understand why this protocol is not properly handled as I only saw conntrack modules for ftp & irc.

Does any can help me?
Thanks a lot

Poubelle

chort · 03-27-2004, 04:14 PM

Have you tested with different browsers, and different HTTPS-enabled sites? It could very well be your client settings. HTTPS is a normal TCP connection over port 443(usually). It does not use embedded IPs, so there is no problem with NAT.

poubelle2003200 · 03-27-2004, 04:32 PM

I tried using IE & Firefox (i'm running Gentoo but computers on my Lan are under
windows XP).

If you have some time, can you explain me how the whole process of masquerading and address translation take place?

Thx
Poubelle

acid_kewpie · 03-27-2004, 04:34 PM

hehe, i think you'd do an awful lot better to read the ip masquarding and NAT howto, rather than wait for someone to wrote a small textbook to explain it all...

poubelle2003200 · 03-27-2004, 05:45 PM

he he

in fact i read the iptables & nat faq before asking but i find that the section about nat this not that developped.

maybe if you know a good faq you can post me the link.

Thx
Xavier

ugge · 03-27-2004, 05:52 PM

Check this great site for info on the iptables system.
http://iptables-tutorial.frozentux.n...-tutorial.html

poubelle2003200 · 03-27-2004, 06:02 PM

Thank you it seems great