From: Billy Hager (whager_at_bellsouth.net)
Date: Tue May 21 2002 - 18:43:19 EDT
What I have done since my last message ....
My connection to the internet is on a dynamic IP address, so when I set up
NAT, I set the target to MASQUERADE, like every good boy should. ;) It
seems, though, that NAT doesn't change the source address of packets comming
from my vserver when the connection origionates from the vserver.
i.e My vserver is on eth:1 192.168.2.223 and my connection to the internet is
on ppp0. Any packet the vserver sent to the internet still had 192.168.2.223
as the source address when the connection originated from the vserver.
That's what happens when MASQUERADE is the target.
when I use "SNAT --to <ipaddr ppp0 is currently bound to>", NAT handles
packets comming from connections initiated on the vserver properly. It
changes the source address to reflect the address I give to it as a command
line option
For exactness, here is what I was using ....
iptables -t nat -A POSTROUTING -o ppp+ -j MASQUERADE
And what works ...
iptables -t nat -A POSTROUTING -o ppp+ -j SNAT --to <IP address of ppp0>
My start up scripts are going to be a little longer now, but I've got
something that works. Does anyone know why SNAT works but not MASQUERADE?
-- Billy Hager | AIM: wwhager2 whager_at_bellsouth.net | http://www.billsbox.net
This archive was generated by hypermail 2.1.4 : Mon Aug 19 2002 - 12:01:01 EDT