LinuxQuestions.org
#1  zsoltrenyi, 06-12-2006, 07:23 AM
strange NAT problem


Hi

I have a strange NAT problem.
I became the administrator of a Linux gateway using firehol.

This machine is a gateway for a small /28 subnet. I have some DNAT enabled for some users to connect from home to their PCs at work. These users connect to one of the IPs from my subnet. If I issue an iptables -t nat -L -n I can see the rules which DNAT the traffic from these users with destination to the local IPs, but at the SNAT part I see the traffic going outside only SNAT-ed to my gateway's IP.

So for example: let's say I have 86.24.153.171 for my gateway, and 86.24.153.175 a PC behind that gateway. Users from home connect to 86.24.153.175 but these are being DNAT-ed at the gateway to 192.168.X.X (a PC on the network). The problem is that according to iptables everything is SNAT-ed to 86.24.153.171 (the gateway's IP).
But this is not true. If I start capturing packets with tcpdump I see that traffic sourced from 86.24.153.175. And the users can connect to their PCs (they connect to 86.24.153.175 and they get replies also from 86.24.153.175).
On the inside interface of the gateway I capture packets sourced from 192.168.x.x and on the outside interface they are sourced from 86.24.153.175. So the NAT is done by the gateway.
I checked iptables -t nat and iptables -t mangle but this address 86.24.153.175 doesn't appear there.

Any help would be appreciated. Where else should I check? Is firehol doing something without iptables?
 
#2  zsoltrenyi (Original Poster), 06-14-2006, 03:21 AM
I found a problem but I don't know how to fix it.

The SNAT is done in a chain called nat.5, and if I try to view that chain with iptables -t nat -n -L nat.5 it says:

Chain nat.5 (12 references)
target prot opt source destination
RETURN all -- anywhere 10.0.0.0/8
RETURN all -- anywhere 169.254.0.0/16
RETURN all -- anywhere 172.16.0.0/12
RETURN all -- anywhere 192.0.2.0/24
RETURN all -- anywhere 192.88.99.0/24
RETURN all -- anywhere 192.168.0.0/16
SNAT all -- anywhere anywhere to:x.x.x.x

So there should be 12 references, right?
But I can see only 7. Does anybody know why?
Thanks
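Both questions in this thread, where an address shows up in the NAT table (post #1) and what the "(12 references)" figure in a chain header counts (post #2), can be answered mechanically from the `iptables -t nat -L -n` listing. The script below is an added example written for this thread; it is not code from the poster or from firehol. It parses a constructed listing (illustrative addresses, and a `nat.5` user chain modelled on the one in the post), reports for each user chain which rules jump into it, and lists every rule that mentions a given address, matching whole addresses only so that 86.24.153.17 does not match 86.24.153.171. The "(N references)" count is the number of rules in other chains that jump to the chain, not the number of rules inside it, which is why a chain with 12 references can hold 7 rules; the sample is built so the two numbers differ.

```python
"""Parse `iptables -t nat -L -n` output (without -v, so no pkts/bytes columns)
and report chain references and address occurrences.  Added example for the
LinuxQuestions thread; the listing below is constructed, not a real gateway."""
import re
import sys
from collections import defaultdict

BUILTIN = {"PREROUTING", "INPUT", "OUTPUT", "POSTROUTING"}
# "Chain NAME (policy ACCEPT)" for built-in chains, "Chain NAME (N references)" for user chains
CHAIN_RE = re.compile(r"^Chain (\S+) \((?:policy (\w+)|(\d+) references?)\)")

# Constructed sample listing.  The 86.24.153.x / 192.168.1.x addresses and the
# nat.5 chain name are illustrative; nat.5 is jumped to 4 times but holds 3 rules.
SAMPLE = """\
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
DNAT       tcp  --  0.0.0.0/0            86.24.153.175        tcp dpt:3389 to:192.168.1.20:3389
DNAT       tcp  --  0.0.0.0/0            86.24.153.175        tcp dpt:22 to:192.168.1.20:22

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
nat.5      all  --  0.0.0.0/0            !127.0.0.0/8

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
nat.5      all  --  192.168.1.0/24       0.0.0.0/0
nat.5      all  --  192.168.2.0/24       0.0.0.0/0
nat.5      all  --  0.0.0.0/0            0.0.0.0/0

Chain nat.5 (4 references)
target     prot opt source               destination
RETURN     all  --  0.0.0.0/0            10.0.0.0/8
RETURN     all  --  0.0.0.0/0            192.168.0.0/16
SNAT       all  --  0.0.0.0/0            0.0.0.0/0            to:86.24.153.171
"""


def parse_listing(text):
    """Return (chains, declared_refs): chains maps chain name -> list of rule dicts
    in table order; declared_refs maps user chain -> the count iptables printed."""
    chains, declared_refs = {}, {}
    current = None
    for line in text.splitlines():
        line = line.rstrip()
        if not line:
            continue
        m = CHAIN_RE.match(line)
        if m:
            current = m.group(1)
            chains[current] = []
            if m.group(3) is not None:
                declared_refs[current] = int(m.group(3))
            continue
        if current is None or line.startswith("target"):
            continue  # column header line
        fields = line.split(None, 5)  # target prot opt source destination [match/target options]
        if len(fields) < 5:
            continue
        target, prot, _opt, src, dst = fields[:5]
        extra = fields[5] if len(fields) > 5 else ""
        chains[current].append({"target": target, "prot": prot, "src": src,
                                "dst": dst, "extra": extra, "raw": line})
    return chains, declared_refs


def references(chains):
    """Map user chain -> list of (calling chain, 1-based rule index) that jump to it."""
    refs = defaultdict(list)
    for name, rules in chains.items():
        for i, rule in enumerate(rules, 1):
            if rule["target"] in chains and rule["target"] not in BUILTIN:
                refs[rule["target"]].append((name, i))
    return dict(refs)


def check_reference_counts(chains, declared_refs):
    """For each user chain: (declared references, jumps actually found, rules inside)."""
    refs = references(chains)
    return {name: (declared, len(refs.get(name, [])), len(chains[name]))
            for name, declared in declared_refs.items()}


def find_address(chains, addr):
    """Every (chain, rule index, raw line) whose rule mentions addr as a whole
    address, whether as source, destination or inside a to: NAT target."""
    pat = re.compile(r"(?<![\d.])" + re.escape(addr) + r"(?![\d.])")
    return [(name, i, rule["raw"])
            for name, rules in chains.items()
            for i, rule in enumerate(rules, 1)
            if pat.search(rule["raw"])]


def report(text, addr=None):
    """Human-readable summary used by main(); returned as a string."""
    chains, declared = parse_listing(text)
    refs = references(chains)
    out = []
    for name, (decl, found, nrules) in check_reference_counts(chains, declared).items():
        out.append(f"{name}: {decl} references declared, {found} jumps found, {nrules} rules inside")
        out.extend(f"    jumped to from {caller} rule {idx}" for caller, idx in refs.get(name, []))
    if addr:
        hits = find_address(chains, addr)
        out.append(f"{addr}: {len(hits)} rule(s) mention it")
        out.extend(f"    {name} rule {i}: {raw}" for name, i, raw in hits)
    return "\n".join(out)


if __name__ == "__main__":
    # usage: iptables -t nat -L -n > nat.txt; python3 natrefs.py nat.txt 86.24.153.175
    listing = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    print(report(listing, sys.argv[2] if len(sys.argv) > 2 else "86.24.153.175"))
```

Run it against a saved `iptables -t nat -L -n` listing to see which chains feed `nat.5` and whether the address you care about appears anywhere in the nat table at all; if it does not, the translation is not being done by a rule in that table, and `iptables-save` (which prints every table in one pass) is the next listing worth searching.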