iptables SNAT failing to work on second gateway.
Rashkae
ubuntu at tigershaunt.com
Wed Jan 14 17:44:00 UTC 2009
Louis wrote:
> Hello,
>
> I have two gateways.
> gateway 1 == eth1
> gateway 2 == ppp0
> lan == eth0
>
> eth1 is the default gateway (I do not want to change the default gateway).
>
> SNAT works fine if I use eth1 and its IP.
>
> It fails when I try to use ppp0 and its IP.
>
> Here is a screenshot that shows what is not working:
>
> http://img82.imageshack.us/img82/1038/91629062qv2.jpg
>
> However, I kinda get it working when I do this (trying to force its hand):
>
> iptables -A PREROUTING -t mangle -i eth0 -s 192.168.1.102 -j MARK --set-mark 1
> iptables -t nat -A POSTROUTING -s 192.168.1.102 -o ppp0 -j SNAT --to-source 60.241.215.xxx
> ip rule add fwmark 1 table TPG
>
> IPTRAF output:
> ICMP echo req (60 bytes) from 192.168.1.102 to 206.190.60.37 on eth0
> ICMP echo req (60 bytes) from 60.241.215.xxx to 206.190.60.37 on ppp0
> ICMP echo rply (60 bytes) from 206.190.60.37 to 60.241.215.xxx on ppp0
>
> So it gets close in that case, but it will not forward the reply to
> 192.168.1.102.
>
What does your iptables -L FORWARD look like? Are you dropping the
packets being forwarded from ppp0 to lan?
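
One way to answer the FORWARD question above without reading the chain by eye, as an added example that is not part of the original thread: the hypothetical helper `forward_verdict` walks `iptables -S FORWARD` output and reports which rule, or the chain policy, decides an ESTABLISHED reply entering on one interface and leaving on another. The sample ruleset is constructed, and only `-i`, `-o` and state/ctstate matches are evaluated; any other match makes the result UNDECIDED.

```shell
#!/bin/sh
# Added example (not from the thread). Reads `iptables -S FORWARD` text on stdin
# and reports what decides an ESTABLISHED reply entering on $1, leaving on $2.
# Real use (as root): iptables -S FORWARD | forward_verdict ppp0 eth0
forward_verdict() {
    awk -v in_if="$1" -v out_if="$2" '
    # iptables treats a trailing "+" in an interface name as a prefix wildcard
    function ifmatch(pat, name,    n) {
        n = length(pat) - 1
        if (substr(pat, n + 1) == "+") return substr(name, 1, n) == substr(pat, 1, n)
        return pat == name
    }
    $1 == "-P" && $2 == "FORWARD" { policy = $3; next }
    $1 != "-A" || $2 != "FORWARD" { next }
    {
        hit = 1; unsure = 0; target = ""
        for (i = 3; i <= NF; i++) {
            if ($i == "-i")      { if (!ifmatch($(i + 1), in_if))  hit = 0; i++ }
            else if ($i == "-o") { if (!ifmatch($(i + 1), out_if)) hit = 0; i++ }
            else if ($i == "-m") { i++ }              # skip module name (state, conntrack)
            else if ($i == "--state" || $i == "--ctstate") {
                if (("," $(i + 1) ",") !~ /,ESTABLISHED,/) hit = 0
                i++
            }
            else if ($i == "!")  { unsure = 1; i += 2 }   # negated match: not evaluated
            else if ($i == "-j") { target = $(i + 1); break }
            else { unsure = 1 }                       # any other match: not evaluated
        }
        if (!hit || target !~ /^(ACCEPT|DROP|REJECT)$/) next
        if (unsure) print "UNDECIDED (line " NR ": " $0 ")"
        else        print target " (line " NR ": " $0 ")"
        decided = 1; exit
    }
    END { if (!decided) print policy " (chain policy)" }
    '
}

# Constructed sample: a ruleset written when eth1 was the only uplink.
SAMPLE_RULES='-P FORWARD DROP
-A FORWARD -i eth0 -o eth1 -j ACCEPT
-A FORWARD -i eth1 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth0 -o ppp0 -j ACCEPT'

# Reply path via the second gateway: nothing accepts ppp0 -> eth0, so policy applies.
printf '%s\n' "$SAMPLE_RULES" | forward_verdict ppp0 eth0
```

With the constructed ruleset the echo reply arriving on ppp0 falls through to the DROP policy, which would produce the symptom described in the question; the same reply arriving on eth1 is accepted by the state rule.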