this is a udp datagram which originate from one of the computers in my local lan, not the firewall however, the SNAT is on the POSTROUTING table which means (as far as i know) that it is also applied to packets originating from the firewall ( i.e. the packets from the OUTPUT chain travel to the POSTROUTNING chain) pls. correct me if i'm wrong. thanks, erez. On 3/14/06, Ilya Konstantinov <linux-il@xxxxxxxxxxxxxxxxxx> wrote: > Where are you pinging from? Be aware that locally-generated packets > (e.g. pinging from the firewall) don't pass the NAT tables. > > Erez D wrote: > > > but tcpdump both on ppp0 and on remote bbb.bbb.bbb.bbb gives: > > > > > > 10:35:27.564611 IP 192.168.0.254.5070 > bbb.bbb.bbb.bbb.5060: UDP, length 489 > > > > so snat is not working > > > > _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
