Stephane Jourdois wrote:
i don't know if I've got your problem correctly, also because I don't know pptp too much (so, shut up, you'll say...;)I would need to be able to modify the source ip on input GRE paquets. This is because I'm trying to setup a pptp tunnel, via a router that doesn't NAT correctly the GRE. The client receives GRE, but replies with it's own local ip, then my server cannot receive the answers... If I could just change the source ip on those paquets, that would be perfect...
if you want to match gre packets and change their source address (not the source addr. of encapsulated packets) you should be able with
iptables -A POSTROUTING -t nat -p gre -j SNAT --to-source new-grepacket-source-addr
this will match all outgoing (from the client) traffic using gre protocol.
but is this what you need?
where are the tunnel end points? the router has two tunnels connecting the server and the client? the tunnel is between the router and the server?
Instead, if you want to change source address of encasplulated packets, that would be interesting...
