On Wed, 2004-06-23 at 23:48, IZEM Farid wrote: > Hi all, > > We are currently testing NetFilter on Linux Slackware 9.0. > We have configured our netfilter to make SNAT and DNAT. > Some issues have been observed while configuring SNAT to allow ICMP. > When implemented this rule, it takes some time before icmp being able to > work. > When rebooting the NetFilter box, the same strange behaviour is > occurring. > Howewer all other SNAT/DNAT rules implemented are working immediately, > It' takes about 5 minutes until ICMP is working again. > > It's a very strange behaviour, isn't it? > > Please find the rule for ICMP: > > Iptables -A POSTROUTING -p icmp -s 192.168.1.42 -d > 172.19.92.0/255.255.255.0 -j SNAT --to-source 172.19.93.200 > > Any help would be appreciated. > > Best regards,172.19.92.0/255.255.255.0 -j SNAT --to-source 172.19.93.200 > > Farid > Email : farid.izem@xxxxxxxxxxxxxxx > > Try out this rule and let us know what happened! Iptables -t nat -A POSTROUTING -p icmp -s 192.168.1.42 -d 172.19.92.0/255.255.255.0 -o <out going interface> -j SNAT --to-source 172.19.93.200 Dharmendra T. Linux Security and Admin, www.nsecure.net
