With MASQUERADE & DNAT Iam able to run servers on veth and be able to access network. e.g., for SNMPD on veth3 ( 192.168.10.3 ) I do this on the host -A POSTROUTING -s 192.168.10.0/24 -j MASQUERADE -A PREROUTING -p udp -m state --state NEW,ESTABLISHED --dport 161 -j DNAT --to 192.168.10.3:161 Lot of protocols go out on random ports and listen on the same source port . How do I achieve network access for protocols that goes out on random ports and listen on random ports ? Do I need to add the PREROUTING rule on the host before I socket:listen, so the traffic gets forwarded to the right veth ? Thanks. VIjay. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
