Re: Did MASQUERADE not work ?

The only thing I did not try was SNAT as you advise here ... I will try this
today, but (always there is a "but"), when I posted this mail masquerading was
not working as I described ... that was last night.

This morning (no change in the meantime), masquerading was working :S

No FORWARD policy is active.
DHCP leasing is OK
I put "-o eth1" also.
$internet is "0.0.0.0/0" (I copy the entire script below)

I will try SNAT then, but now I must wait for "not working again"  ... This
has life !  :-))

Thank you all of you for your help ... I will keep you updated about this
fight.

Kevork.

 
----- Original Message -----
Sent: Wednesday, March 10, 2004 6:13 AM
Subject: RE: Did MASQUERADE not work ?

> Iptables script is the same as when it worked.
> MASQ line is:
> iptables -t nat -A POSTROUTING -s 192.168.250.0/24 -d $internet -j MASQUERADE

Hi,

You have missed the outgoing interface "-o" option (Internet Interface)

iptables -t nat -A POSTROUTING -o eth1 -s 192.168.250.0/24 -d $internet -j MASQUERADE

must work.

regards,

U.SivaKumar,
Networking & E-Security,
HCL INFOSYSTEMS LIMITED,

"The Purpose of Computing is Insight, Not Numbers"



"Rob Sterenborg" <rob@xxxxxxxxxxxxxxx>
Sent by: netfilter-admin@xxxxxxxxxxxxxxxxxxx
03/10/2004 08:52 AM CET

To: "'Kevork'" <rxlm@xxxxxxxxxxxxxxx>, <netfilter@xxxxxxxxxxxxxxxxxxx>
cc:
bcc:
Subject: RE: Did MASQUERADE not work ?


> Iptables script is the same as when it worked.
> MASQ line is:
> iptables -t nat -A POSTROUTING -s 192.168.250.0/24 -d $internet -j MASQUERADE

What is "-d $internet" ?
If $internet is 0.0.0.0 (as it should be) then you don't need to specify it
as this is assumed.

Did you try SNAT:
iptables -t nat -A POSTROUTING -o <if_inet> \
 -s 192.168.250.0/24 -j SNAT --to-source <ip_inet>

Do you have a FORWARD rule in place that allows MASQ/SNAT, or do you have
FORWARD policy set to ACCEPT (which you should not do) ?

Do you have "echo 1 > /proc/sys/net/ipv4/ip_forward" ?


Gr,
Rob
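
The checks the replies in this thread ask about (an outgoing interface on the NAT rule, the FORWARD policy, ip_forward), gathered into one script as an added example; it is not code from any poster in the thread. The ruleset in SAMPLE_RULES is constructed and the function name audit_nat is hypothetical.

```shell
#!/bin/sh
# Added example: audit an iptables-save dump for the points raised in this thread.
# SAMPLE_RULES is constructed sample input, not the poster's real ruleset.
SAMPLE_RULES='*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -s 192.168.250.0/24 -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT'

# audit_nat RULES IP_FORWARD
#   RULES      text in iptables-save format
#   IP_FORWARD contents of /proc/sys/net/ipv4/ip_forward
# Prints one finding per line; prints nothing when all checks pass.
audit_nat() {
    rules=$1 ip_forward=$2
    [ "$ip_forward" = "1" ] || echo "ip_forward is not 1: the kernel will not route between interfaces"
    printf '%s\n' "$rules" | awk '
        # iptables-save starts each table with a "*name" line
        /^\*/ { table = substr($0, 2) }
        table == "nat" && /^-A POSTROUTING/ && / -j (MASQUERADE|SNAT)/ {
            nat++
            # without -o the rule matches traffic leaving any interface
            if ($0 !~ / -o /) print "NAT rule has no -o interface: " $0
        }
        table == "filter" && /^:FORWARD ACCEPT/ {
            print "FORWARD policy is ACCEPT: anything routable is forwarded"
        }
        END { if (!nat) print "no MASQUERADE/SNAT rule in nat POSTROUTING" }'
}

# On a live gateway (needs root):
#   audit_nat "$(iptables-save)" "$(cat /proc/sys/net/ipv4/ip_forward)"
audit_nat "$SAMPLE_RULES" 0
```

Running the audit at the moment masquerading stops working, and again when it works, shows whether the ruleset or ip_forward changed between the two states.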
