On Thursday 2012-02-09 12:05, Giles Coochey wrote: > On 2012-02-09 05:35, Enrique Huerta de la Fuente wrote: >> Hello, >> >> Masquerade do not work at a UDP port, but if it works at a TCP port. >> >> (works) iptables -t nat -I POSTROUTING -m tcp -p tcp --dport 22 -o >> ppp0 -j MASQUERADE >> (not working) iptables -t nat -I POSTROUTING -m udp -p udp --dport >> 1195 -o ppp0 -j MASQUERADE >> > > The "-m udp" confuses me. Do you really need to specify that module, try it > without the -m option for UDP, I don't tend to use it for TCP either, but if > it's not broken, don't fix it... Note that -p only looks at the IP header, but -m udp is required for the UDP header. So yes, -m udp is required (though it's added automatically if you forget it). -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
