On Monday 01 August 2005 14:01, /dev/rob0 wrote: > Gavin Hamill wrote: > > Hi - this is one of those "not sure if it's netfilter or LARTC" issues, > > I'm not sure either, but here's a guess. > > > -A POSTROUTING -s 10.0.0.0/255.255.255.0 -o eth1 -j MASQUERADE > > -A POSTROUTING -s 10.0.0.0/255.255.255.0 -o eth2 -j MASQUERADE > > Why MASQUERADE? Try using SNAT rules. MASQ because the IP addresses on each interaface are DHCP - home ISPs - not business ones :) > > using tcpdump I can see the outgoing and reply packets on eth2 with the > > correct source address (i.e. the one the ISP on eth2 gives me) set, but > > tcpdump on eth0 shows only the packets from the MASQ'd host - the replies > > from the Internet host are not passed through. > > Is there anything dropping the packets in FORWARD? Try tracking with > iptables LOG rules rather than tcpdump. OK, I'll give that a whirl :) Cheers, Gavin.
