FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.

» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu User
Reload this Page iptables SNAT failing to work on second gateway.

 
 
LinkBack Thread Tools
 
Old 01-11-2009, 03:34 AM
Louis
 
Default iptables SNAT failing to work on second gateway.
Hello,

i have two gateways.
gateway 1 == eth1
gateway 2 == ppp0
lan == eth0

eth1 is the deafault gateway(i do not want to change the deafault gateway)

SNAT works fine if i use eth1 and it's ip.

It fails when i try to use ppp0 and it's ip.

here is a screenshot that shows what is not working

http://img82.imageshack.us/img82/1038/91629062qv2.jpg

how ever i kinda get it working when i do this(trying to force it's hand)

iptables -A PREROUTING -t mangle -i eth0 -s 192.168.1.102 -j MARK
--set-mark 1
iptables -t nat -A POSTROUTING -s 192.168.1.102 -o ppp0 -j SNAT
--to-source 60.241.215.xxx
ip rule add fwmark 1 table TPG

IPTRAF output:
ICMP echo req (60 bytes) from 192.168.1.102 to 206.190.60.37 on eth0
ICMP echo req (60 bytes) from 60.241.215.xxx to 206.190.60.37 on ppp0
ICMP echo rply (60 bytes) from 206.190.60.37 to 60.241.215.xxx on ppp0

so it gets close in that case but it will not forward the reply to
192.168.1.102

other info that might be of use:
root@1:~# uname -r
2.6.27-9-server
i've patched kernel with http://www.ssi.bg/~ja/patch-2.6.27-ja1.diff
made no difference.
same result when useing MASQUERADE

i hope this is enough infromation

Thanks.

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 01-14-2009, 04:44 PM
Rashkae
 
Default iptables SNAT failing to work on second gateway.
Louis wrote:
> Hello,
>
> i have two gateways.
> gateway 1 == eth1
> gateway 2 == ppp0
> lan == eth0
>
> eth1 is the deafault gateway(i do not want to change the deafault gateway)
>
> SNAT works fine if i use eth1 and it's ip.
>
> It fails when i try to use ppp0 and it's ip.
>
> here is a screenshot that shows what is not working
>
> http://img82.imageshack.us/img82/1038/91629062qv2.jpg
>
> how ever i kinda get it working when i do this(trying to force it's hand)
>
> iptables -A PREROUTING -t mangle -i eth0 -s 192.168.1.102 -j MARK
> --set-mark 1
> iptables -t nat -A POSTROUTING -s 192.168.1.102 -o ppp0 -j SNAT
> --to-source 60.241.215.xxx
> ip rule add fwmark 1 table TPG
>
> IPTRAF output:
> ICMP echo req (60 bytes) from 192.168.1.102 to 206.190.60.37 on eth0
> ICMP echo req (60 bytes) from 60.241.215.xxx to 206.190.60.37 on ppp0
> ICMP echo rply (60 bytes) from 206.190.60.37 to 60.241.215.xxx on ppp0
>
> so it gets close in that case but it will not forward the reply to
> 192.168.1.102
>

What does your iptables -L FORWARD look like? Are you dropping the
packets being forwarded from ppp0 to lan?


--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 01-16-2009, 07:43 AM
Louis
 
Default iptables SNAT failing to work on second gateway.
hi,

iptables -P FORWARD ACCEPT

no rules in there at present but it is set to accept.

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 

Thread Tools




All times are GMT. The time now is 09:35 AM.

VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org

Contact Us - Linux Archive - Archive - Top -