Re: IP Masq over CIPE tunnel.|
Robert Davidson <puttputt,AT,ebbs,DOT,com,DOT,au>|
Wed, 22 Aug 2001 04:14:24 +0200|
michael Pfennich wrote:
> what about
> "iptables -t nat -A POSTROUTING -o cipcb0 -s 192.168.1.0/24 -j SNAT --to
> $IP_I_WANT_TO_NAT_TO "
> does this work ???
Yep, it changed the source of the packets to 220.127.116.11, which is
the IP I wanted it to use, and it tried to go out the cipcb0 device
according to tcpdump, though I never saw any replys. I tested it with
a traceroute to 18.104.22.168, which is the other end of the vpn.
> --> try to catch the Packets, with a "log"
> eg. before you try the nat, try a log
> iptables -t nat -A POSTROUTING -o cipcb0 -s 192.168.1.0/24 -j LOG
> --log-prefix "test1"
Unfortinately I can't see whats going on with that. Either nothing is
going via that chain or my syslog isn't picking it up (the machine is
remote so I can't see if messages are going to the console).
I'll test these others when I get some time, Thanks.
> iptables -t nat -A POSTROUTING -o cipcb0 -j LOG --log-prefix "test2"
> try to "hang" on iptables on the interface --> look if this works...
> iptables -A FORWARD -o cipcb0 -j LOG --log-prefix "forwardin "
> (or -A OUTPUT )
> hope it helps
> Michael Pfennich