Alexei Ustyuzhaninov a écrit :
Pascal Hambourg wrote:
SNAT should work on packets creating a new connection (i.e. in the
state NEW).
Yes, really! The SYN packet goes out through the right interface with
the right source address, SYN/ACK comes back and that's all, nothing
will happen more.
This looks like a filtering issue causing the reply packet to be
dropped. Check your iptables 'filter' rules and that source validation
by reversed path is disabled for that interface
(/proc/sys/net/ipv4/conf/<interface>/rp_filter=0).
I just want a simple thing: to send mail via one provider and all other
traffic via the other provider
You may be able to specify the desired source address for outgoing
connections if your mail application allows it.
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
