> > I still seem to have much the same problem. I no longer get ICMP > > unreachable errors, but the packet just seems to disappear - I can't see > > it being forwarded on any interface, nor can I find any kind of reply - > > icmp or otherwise. > > sounds like a firewall issue! It does sound like a firewall issue, but the only firewall rule I have at the moment is the one doing the DNAT. If I do 'iptables -t nat -L -v', then I can see the number of packets increasing. Once I remove the firewall rule, I get my "icmp unreachable" errors again. Funnily enough, if I then reinstate the firewall (dnat) rule, then I still get "icmp unreachable" errors and the packet count doesn't go up for the rule. It's almost as though the rule doesn't get consulted. 'ip route flush cache' doesn't make a difference. After about 5 minutes the "icmp unreachable" errors stop and the packet count starts going up, although I still can't find my packet on the next hop. (I do have forwarding switched on). The packet count on a iptables log rule on the forward table does not go up, giving me the impression that routing has failed. I also tried ip r get <random internet address> from 192.168.12.5, which did indeed give me the same "RTNETLINK answers: Invalid argument" error. I guess that means that my understanding of the purpose of 'ip r get' is indeed faulty. Thanks for all your help so far. Paul Viney _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
