About this list Date view Thread view Subject view Author view Attachment view

From: Billy Hager (whager_at_bellsouth.net)
Date: Tue 21 May 2002 - 23:43:19 BST


What I have done since my last message ....

My connection to the internet is on a dynamic IP address, so when I set up
NAT, I set the target to MASQUERADE, like every good boy should. ;) It
seems, though, that NAT doesn't change the source address of packets comming
from my vserver when the connection origionates from the vserver.

i.e My vserver is on eth:1 192.168.2.223 and my connection to the internet is
on ppp0. Any packet the vserver sent to the internet still had 192.168.2.223
as the source address when the connection originated from the vserver.
That's what happens when MASQUERADE is the target.

when I use "SNAT --to <ipaddr ppp0 is currently bound to>", NAT handles
packets comming from connections initiated on the vserver properly. It
changes the source address to reflect the address I give to it as a command
line option

For exactness, here is what I was using ....
iptables -t nat -A POSTROUTING -o ppp+ -j MASQUERADE

And what works ...
iptables -t nat -A POSTROUTING -o ppp+ -j SNAT --to <IP address of ppp0>

My start up scripts are going to be a little longer now, but I've got
something that works. Does anyone know why SNAT works but not MASQUERADE?

-- 
Billy Hager          | AIM: wwhager2
whager_at_bellsouth.net | http://www.billsbox.net


About this list Date view Thread view Subject view Author view Attachment view
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Wed 06 Nov 2002 - 07:03:40 GMT by hypermail 2.1.3