Re: icmp forward

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hinko Kocevar a écrit :

My bad, should be:
iptables -A FORWARD -p icmp --icmp-type echo-request -j ACCEPT
iptables -t nat -A PREROUTING -d 172.31.64.121 -p icmp -j DNAT --to-destination 10.1.1.2

Actually both rules should contain "--icmp-type echo-request", as you want to redirect only the ICMP echo request type (aka ping).

However, I'm wondering... It seems the gateway has private addresses on both sides, so why do you bother with NAT ? Why not just ping the actual device address 10.1.1.2 instead ?
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux