RE: Netfilter and Poptop ( and stuff ... )

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi,

thank you for any suggestions on my topic. Now Ive realized what is
FW-Builder actually doing and I would like to hear your opinion. 

When I create interfaces in FW-Builder, the created script ( iptables script
generated by fw-builder ) gets the IP address of the used interfaces by
using 

ip -4 addr show dev "interface"

which results as "no such interface" for a non-existing ppp tunnel end
point! To use NAT for all packet from my ppp interfaces, fw-builder
generates following 

-A POSTROUTING -o eth0 -s $i_ppp -j SNAT --to-source my_ext_ip

This rule apparently works only with IP addresses after the "-s" option,
right? Ive tried to use this rule for all my ppp interfaces by using

-A POSTROUTING -o eth0 -s ppp+ -j SNAT.... but is says that ppp+ is unknown,
so I suppose iptables require an ip/host entry here... can anyone tell me
how to get all my PPP interfaces masqueraded on interface eth0?

Regards,

Edvin Seferovic
-----Original Message-----
From: poptop-server-admin@xxxxxxxxxxxxxxxxxxxxx
[mailto:poptop-server-admin@xxxxxxxxxxxxxxxxxxxxx] On Behalf Of Phil Oester
Sent: Montag, 10. Oktober 2005 17:16
To: Seferovic Edvin
Cc: netfilter@xxxxxxxxxxxxxxxxxxx; poptop-server@xxxxxxxxxxxxxxxxxxxxx
Subject: Re: [Poptop-server] Netfilter and Poptop ( and stuff ... )

On Mon, Oct 10, 2005 at 08:28:37AM +0200, Seferovic Edvin wrote:
> I wanted to make this easy as possible, but as always - I took the wrong
> turn... probably by choosing Firewall Builder to help me get my firewall
set
> up. I achived everything, but I cannot configure ppp+ interfaces in
> FW-Builder? Does anyone has a hint for me? Is this possible anyway (
please
> don't tell me I have to configure 150 ppp interfaces in FW-Builder ) ??? 

If FW-Builder cannot handle the ppp+ syntax which is legal in iptables,
I'd say that's a bug.  Report it to maintainer.

Phil


-------------------------------------------------------
This SF.Net email is sponsored by:
Power Architecture Resource Center: Free content, downloads, discussions,
and more. http://solutions.newsforge.com/ibmarch.tmpl
_______________________________________________
Poptop-server mailing list
Poptop-server@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/poptop-server
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux