Re: iptables question.

On Tuesday 17 February 2004 3:52 pm, John Black wrote:

> I'm trying to install a gateway/router with Red Hat 9 kernel 2.4.24 and the
> stock iptables 1.2.7, with full NAT compiled into the kernel.

Is this a standard RH combination - you've just installed some RPMs etc, or 
have you built some part of it yourself (in which case the problem may well 
be that you didn't build the other part as well)?

"netfilter" is the kernel part of the code, and "iptables" is the user part.   
Both must match (be the same version) on a system in order to work correctly.

> I have read
> the howto at netfilter.org, even have the same line of code.  But it still
> will not change the source address.
>
> here is the line of code and the result of the command
> iptables -t nat -L -n
>
> iptables -t nat -A POSTROUTING  -o eth0 -j SNAT --to Ext_ip
> target prot opt source     destination
> SNAT   all  --  0.0.0.0/0  0.0.0.0/0   to:Ext_ip

A better command would be "iptables -L -nvx" because the v option tells us 
which interfaces the rule applies to, and in this case that's important.

By the way, how are you testing the rule and coming to the conclusion that the 
source address is not being changed?

Regards,

Antony.

-- 
Your work is both good and original.  Unfortunately the parts that are good 
aren't original, and the parts that are original aren't good.

 - Samuel Johnson

                                                     Please reply to the list;
                                                           please don't CC me.
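
An added example, not part of the original message: a small shell filter that reads a verbose nat-table listing and reports, for each SNAT rule, the outgoing interface, the rewrite address and whether the rule has ever matched. The listing is constructed sample output, `192.0.2.1` stands in for Ext_ip, and `snat_report` and `sample_listing` are hypothetical helper names.

```shell
#!/bin/sh
# Constructed sample of `iptables -t nat -L POSTROUTING -n -v -x` output.
# 192.0.2.1 is a documentation address used in place of Ext_ip.
sample_listing() {
cat <<'EOF'
Chain POSTROUTING (policy ACCEPT 12 packets, 720 bytes)
    pkts      bytes target     prot opt in     out     source               destination
       0        0 SNAT       all  --  *      eth0    0.0.0.0/0            0.0.0.0/0           to:192.0.2.1
      57     3420 SNAT       all  --  *      eth1    0.0.0.0/0            0.0.0.0/0           to:192.0.2.1
EOF
}

# Read a verbose listing on stdin and print one line per SNAT rule:
#   <out-interface> <to-address> <packet-count> <matched|never-matched>
# Columns with -v: pkts bytes target prot opt in out source destination [options]
# -x keeps the counters as exact integers (no K/M suffix), so they compare numerically.
# In the nat table only the first packet of each connection traverses the chain,
# so the counter reflects connections that hit the rule, not every packet.
snat_report() {
    awk '
        $3 == "SNAT" {
            to = "?"
            for (i = 10; i <= NF; i++)
                if ($i ~ /^to:/) to = substr($i, 4)
            state = ($1 > 0) ? "matched" : "never-matched"
            printf "%s %s %s %s\n", $7, to, $1, state
        }
    '
}

# On a live gateway (as root):
#   iptables -t nat -L POSTROUTING -n -v -x | snat_report
sample_listing | snat_report
```

A rule that stays at `never-matched` while test traffic is flowing usually means the traffic is leaving by a different interface than the one named in the rule.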


