<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: Re: IP Masq over CIPE tunnel.
From: Robert Davidson <puttputt,AT,ebbs,DOT,com,DOT,au>
Date: Wed, 22 Aug 2001 04:14:24 +0200
In-reply-to: <3B825974.AE130A8F@ebbs.com.au>

michael Pfennich wrote:
> 
> what about
> 
> "iptables -t nat -A POSTROUTING -o cipcb0 -s 192.168.1.0/24 -j SNAT --to
> $IP_I_WANT_TO_NAT_TO "
> 
> does this work ???

Yep, it changed the source of the packets to 203.34.65.21, which is
the IP I wanted it to use, and it tried to go out the cipcb0 device
according to tcpdump, though I never saw any replys.  I tested it with
a traceroute to 203.34.65.1, which is the other end of the vpn.

> --> try to catch the Packets, with a "log"
> eg. before you try the nat, try a log
> 
> iptables -t nat -A POSTROUTING -o cipcb0 -s 192.168.1.0/24 -j LOG
> --log-prefix "test1"

Unfortinately I can't see whats going on with that.  Either nothing is
going via that chain or my syslog isn't picking it up (the machine is
remote so I can't see if messages are going to the console).

I'll test these others when I get some time, Thanks.

> iptables -t nat -A POSTROUTING -o cipcb0 -j LOG --log-prefix "test2"
> 
> try to "hang" on iptables on the interface --> look if this works...
> 
> iptables -A FORWARD -o cipcb0 -j LOG --log-prefix "forwardin "
>         (or -A OUTPUT )
> 
> hope it helps
> Michael Pfennich

-- 
Regards,
Robert Davidson.
http://www.mlug.org.au/





<< | Thread Index | >> ]    [ << | Date Index | >> ]