LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 01-10-2019, 12:23 PM   #1
dr.x
Member
 
Registered: Jan 2013
Posts: 171

Rep: Reputation: Disabled
hello folks need to enable iptables ip6 6-6 nat


heel need help in linux to allow ipv6 nat src nat



i need it on centos 6 to allow rule like :
ip6tables -t nat -A POSTROUTING -o eth1 -j SNAT --to 2001:db8::1


but i see errors like


[root@server ~]# ip6tables -t nat -A POSTROUTING -o eth1 -j SNAT --to 2001:db8::1
ip6tables v1.4.7: unknown option `--to'
Try `ip6tables -h' or 'ip6tables --help' for more information.
[root@server ~]# ip6tables -t nat -A POSTROUTING -o eth1 -j SNAT
ip6tables v1.4.7: Couldn't load target `SNAT':/lib64/xtables/libip6t_SNAT.so: cannot open shared object file: No such file or directory

Try `ip6tables -h' or 'ip6tables --help' for more information.
[root@server ~]#



already install Xtables but no luck !



any help ?
 
Old 01-10-2019, 12:40 PM   #2
dr.x
Member
 
Registered: Jan 2013
Posts: 171

Original Poster
Rep: Reputation: Disabled
is there iptables pack on centos 6 contain :

/usr/lib64/xtables/libip6t_SNAT.so


??????????????????
 
Old 01-10-2019, 01:22 PM   #3
scasey
Senior Member
 
Registered: Feb 2013
Location: Tucson, AZ, USA
Distribution: CentOS 7.5
Posts: 2,315

Rep: Reputation: 757Reputation: 757Reputation: 757Reputation: 757Reputation: 757Reputation: 757Reputation: 757
man yum
Code:
yum provides libip6t_SNAT.so
(may need wildcards...check the man page)

Quote:
Try `ip6tables -h' or 'ip6tables --help' for more information.
Did you do that?
 
1 members found this post helpful.
Old 01-10-2019, 01:48 PM   #4
dr.x
Member
 
Registered: Jan 2013
Posts: 171

Original Poster
Rep: Reputation: Disabled
Loaded plugins: fastestmirror, security
Loading mirror speeds from cached hostfile
epel/metalink | 18 kB 00:00
* base: mirror.genesisadaptive.com
* epel: mirror.steadfastnet.com
* extras: ewr.edge.kernel.org
* updates: mirrors.usinternet.com
base | 3.7 kB 00:00
extras | 3.4 kB 00:00
updates | 3.4 kB 00:00
Warning: 3.0.x versions of yum would erroneously match against filenames.
You can use "*/libip6t_SNAT.so" and/or "*bin/libip6t_SNAT.so" to get that behaviour
No Matches found
[root@server ~]#
 
Old 01-10-2019, 02:57 PM   #5
lazydog
Senior Member
 
Registered: Dec 2003
Location: The Key Stone State
Distribution: CentOS Sabayon and now Gentoo
Posts: 1,231
Blog Entries: 3

Rep: Reputation: 193Reputation: 193
Quote:
Originally Posted by dr.x View Post
ip6tables -t nat -A POSTROUTING -o eth1 -j SNAT --to 2001:db8::1
Change --to to --to-destination
 
1 members found this post helpful.
Old 01-10-2019, 03:10 PM   #6
dr.x
Member
 
Registered: Jan 2013
Posts: 171

Original Poster
Rep: Reputation: Disabled
[root@server ~]# ip6tables -t nat -A POSTROUTING -o eth1 -j SNAT --to-destination 2001:db8::1
ip6tables v1.4.7: unknown option `--to-destination'
Try `ip6tables -h' or 'ip6tables --help' for more information.
[root@server ~]#



i see this lib file exist but in centos 7 iptables rpms

not sure why not exist with centos 6 ?

what can i do ?
 
Old 01-16-2019, 11:02 AM   #7
vincix
Member
 
Registered: Feb 2011
Distribution: Centos 7
Posts: 913

Rep: Reputation: 74
You're using SNAT --to-destination, but you're supposed to use --to-source, because you're changing the ip source, not the ip destination. And you need to place (under normal circumstances) the public ip there. I'm guessing it was just a slip from lazydog, I'm sure he knows snat/dnat

Last edited by vincix; 01-16-2019 at 11:03 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] ip6-ip6 tunnel receives traffic but not going out to the outbound interface xywang Linux - Networking 1 10-24-2011 07:01 PM
NAT and NAT Server behind its own NAT(private network) zeusys Linux - Networking 1 06-08-2011 07:22 PM
IP6 Fedora Core 2 odysseynetwork Linux - Networking 0 10-15-2004 12:29 PM
OpenBSD IP6 Vulnerability leeach *BSD 10 03-18-2004 07:33 PM
OOT: ip6 makes NAT to be history linuxJaver Slackware 0 09-08-2003 03:27 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 06:20 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration