<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: Re: IP Masq over CIPE tunnel.
From: Casey Carter <Casey,AT,Carter,DOT,net>
Date: Wed, 22 Aug 2001 08:18:53 +0200
In-reply-to: <3B825974.AE130A8F@ebbs.com.au>

Ok, I can reproduce this with:

   ifconfig dummy0 pointopoint
   iptables -t nat -A POSTROUTING -o dummy0 -s -j MASQUERADE
   ping -I

(My private network is, this machine is
  This has nothing to do with CIPE; netfilter refuses to masquerade
source IPs that belong to the local machine. if i run ping from
another box, the masquerading works.  The error here is in your
specifying an invalid source address (at least invalid for this
particular use).  You should never need to masquerade a machine as
itself -- the makes no sense.

Robert Davidson wrote:

 >Hi all,
 >Does anyone know of any reason why no matter what I do I can not get
 >IP Masquerading working over the CIPE tunnel (Kernel 2.4.8 and 2.4.9).
 >The default gateway points to the remove end of the cipe tunnel.
 >The iptables command I'm using to do the masquerading is:
 >  iptables -t nat -A POSTROUTING -o cipcb0 -s -j
 >Using tcpdump on the cipcb0 interface says the packets are coming from
 >, which they are, but they're supposed to be getting
 >  tcpdump: listening on cipcb0
 >  22:46:53.068355 >  udp 10 [ttl
 >  22:46:58.066598 >  udp 10 [ttl
 >  22:47:03.066570 >  udp 10 [ttl
 >I'm using the traceroute command to specify the source address of the
 >packets, like so:
 >  traceroute -n -s
 >eth0 on the pc has an address of
 >I've also tried flushing all firewall rules with no success.
 >Any ideas?

Casey Carter
AIM: cartec69

<< | Thread Index | >> ]    [ << | Date Index | >> ]