iptables nat issue
Marco Catunda
marco.catunda at gmail.com
Sat May 24 20:36:17 UTC 2008
On Fri, May 23, 2008 at 9:29 PM, Mike Bird <mgb-ubuntu at yosemite.net> wrote:
> What is the source IP before the SNAT is applied?
192.168.90.1
>
> Also please show us the output of:
>
> sudo grep . /proc/sys/net/ipv4/conf/*/forwarding
root at supgr05:~# sudo grep . /proc/sys/net/ipv4/conf/*/forwarding
/proc/sys/net/ipv4/conf/all/forwarding:0
/proc/sys/net/ipv4/conf/default/forwarding:1
/proc/sys/net/ipv4/conf/eth0/forwarding:0
/proc/sys/net/ipv4/conf/lo/forwarding:0
/proc/sys/net/ipv4/conf/tun0/forwarding:1
/proc/sys/net/ipv4/conf/vmnet1/forwarding:1
/proc/sys/net/ipv4/conf/vmnet8/forwarding:1
Great!! This is the problem. Thanks a lot. Not all interfaces was
ip_forward set to true.
I'd used the following syntax to set up ip forward:
sysctl -w net.ipv4.conf.default.forwarding=1
But not set it up all interfaces :(
I've tweaked it using
echo 1 > /proc/sys/net/ipv4/conf/all/forwarding
....
Older fashion :)
root at supgr05:~# sudo grep . /proc/sys/net/ipv4/conf/*/forwarding
/proc/sys/net/ipv4/conf/all/forwarding:1
/proc/sys/net/ipv4/conf/default/forwarding:1
/proc/sys/net/ipv4/conf/eth0/forwarding:1
/proc/sys/net/ipv4/conf/lo/forwarding:1
/proc/sys/net/ipv4/conf/tun0/forwarding:1
/proc/sys/net/ipv4/conf/vmnet1/forwarding:1
/proc/sys/net/ipv4/conf/vmnet8/forwarding:1
Everything works well.
Thanks!
>
>> I can't figure out why this is not work. The packets arrived at SERVER
>> MACHINE (I could see it
>> using tcpdump), the SERVER MACHINE reply. The reply packet arrives at
>> OFFICE MACHINE,
>> but It don't foward to tun0 device, therefore, the HOME MACHINE
>> doesn't receive reply packet.
>
> tcpdump? Most people switched to wireshark a long time ago. ;-)
The SERVER MACHINE is very old RedHat 3... We have to take care
some Jurassic stuffs here. :(
>
> --Mike Bird
--
Marco Catunda
More information about the ubuntu-users
mailing list