Hi,
I've tried to reproduce the example from section 4.1 (simple source policy
routing) but without success. The setup is the same as in the example, with
only two differences: there is additionally a gre tunnel which doesn't seem
to disturb here, and one interface does not masquerade at all, as it's
thought to be used from the router only. Besides that, and the obviously
different IP addresses, the output of ip route list is just the same as in
the example. This is a debian box with linux stock kernel 2.6.8. From the
router everything seems to work fine, besides the insisting message
"MASQUERADE: Route sent us somewhere else.". Even "ip route get" gives
always the correct answer. But from the client computer (John's in the
example) things work from time to time only. It seems that the first packet
is correct, but that there are only little chances that the following
packets from John actually use his table. The fact, that it works sometimes
seems to indicate that the problem is not with iptables but with routing.
Was that example thought for an older version of the kernel? Is there
something else I need to add to make it work?
Thanks,
Cris
_________________________________________________________________
MSN Messenger: instale grátis e converse com seus amigos.
http://messenger.msn.com.br
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
