Hi,

I have the following setup. GW eth1 (private IP) is connected to the ISP router. For host H1 I have set the DNS server as 10.12.3.10.

H1 (eth0) --- (eth0) GW (eth1) ---

H1 eth0 = 192.168.1.2
GW eth0 = 192.168.1.1
GW eth1 = 10.12.3.12
DNS = 10.12.3.10

I have added a rule in GW saying

    iptables -A POSTROUTING -t nat -o eth1 -j MASQUERADE

Now when I am trying to access the internet from host H1, DNS queries are being sent to 10.12.3.10, which are masqueraded in GW. Once replies come back from the DNS server, GW is replying back to the DNS server with ICMP destination unreachable.

In the ideal case, once the reply comes back, GW has to send it to the host H1, right?

Sorry if I am wrong or missed any steps here.

Regards,
Ajith
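The reply path the post asks about, as an added example that is not part of the original message: a simplified Python model (not kernel code) of how MASQUERADE relies on a connection-tracking entry to send a reply back to H1, and what the gateway does with a packet on eth1 that matches no entry. The `Gateway` class, its method names and the source port 40000 are constructed for illustration; the addresses are the ones in the post.

```python
# Simplified model of connection tracking behind "-o eth1 -j MASQUERADE".
H1, GW_ETH1, DNS = "192.168.1.2", "10.12.3.12", "10.12.3.10"  # from the post


class Gateway:
    def __init__(self, wan_ip):
        self.wan_ip = wan_ip
        self.conntrack = {}           # expected reply tuple -> original source
        self.local_udp_ports = set()  # UDP ports the gateway itself listens on

    def forward_out(self, src, sport, dst, dport):
        """Outbound packet leaving eth1: rewrite the source, record the mapping."""
        # Simplification: the source port is kept (no port clash is modelled).
        self.conntrack[(dst, dport, self.wan_ip, sport)] = (src, sport)
        return (self.wan_ip, sport, dst, dport)

    def receive_in(self, src, sport, dst, dport):
        """Inbound packet on eth1: reverse the NAT if a tracked flow matches."""
        orig = self.conntrack.get((src, sport, dst, dport))
        if orig is not None:
            # Known flow: destination is rewritten back and the packet forwarded.
            return ("forward", src, sport, orig[0], orig[1])
        if dst == self.wan_ip and dport not in self.local_udp_ports:
            # No tracked flow: the packet is treated as addressed to the gateway
            # itself; with no socket on that port it answers with ICMP.
            return ("icmp-port-unreachable", dst, src)
        return ("deliver-local", src, sport, dst, dport)


if __name__ == "__main__":
    gw = Gateway(GW_ETH1)
    print("query on the wire:", gw.forward_out(H1, 40000, DNS, 53))
    print("tracked reply:    ", gw.receive_in(DNS, 53, GW_ETH1, 40000))
    print("untracked reply:  ", Gateway(GW_ETH1).receive_in(DNS, 53, GW_ETH1, 40000))
```

On a real gateway, `conntrack -L -p udp` (conntrack-tools) or `/proc/net/nf_conntrack` shows whether the entry for the H1 query exists when the reply arrives.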