iptables is like alchemy

Jorge Fábregas jorge.fabregas at gmail.com
Thu Jan 3 11:15:48 UTC 2013


On 01/03/2013 03:47 AM, Alan Evans wrote:
> Anyway, the rule I posted is the only rule in use here. I have tried other
> iterations that did involve a MASQUERADE rule, but they didn't work either.
> Like I said, I've been scouring google to solve this for a long time.

I see but this doesn't make sense.  That can't be the only rule in
place.  How are you figuring out which rules are in place? Remember you
need to use:  "iptables -L -t nat" in order to see the nat table. If you
don't add the "-t nat"  you'll only see the regular filter table.  Also,
if that's the only rule as you mention, where's the ALLOW rule for
incoming UDP/53 traffic for DNS?

Regarding MASQUERADE, as far as I know, netfilter won't do this
automatically.  You need to explicitly masquerade the internal network
IPs or use the SNAT functionality.

Please post your complete rules in pastebin or similar.  There's no need
to use the real IPs & ports but, at least, post something that is very
similar to what you have.  There's no way you can do this with a simple
line or two.

--
Jorge
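
As an added example (not part of Jorge's or Alan's mail), a POSIX sh checker that runs over a constructed `iptables-save` dump, which covers every table rather than only the filter table that a bare `iptables -L` shows, and reports the two things asked about above: an explicit MASQUERADE or SNAT rule in the nat table, and an ACCEPT for incoming UDP/53. The interface names and the 192.0.2.53 DNS address are constructed.

```shell
# Constructed `iptables-save` dump of a DNS-forwarding gateway: eth1 is the LAN side,
# eth0 the upstream side. The filter table accepts UDP/53, but the nat table holds only
# a DNAT rule and no MASQUERADE/SNAT, so forwarded packets leave with internal source IPs.
SAMPLE_RULES='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i eth1 -p udp -m udp --dport 53 -j ACCEPT
-A FORWARD -i eth1 -o eth0 -j ACCEPT
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i eth1 -p udp -m udp --dport 53 -j DNAT --to-destination 192.0.2.53
COMMIT'

# The explicit source translation the dump lacks; netfilter never adds this on its own.
MASQ_RULE='-A POSTROUTING -o eth0 -j MASQUERADE'
FIXED_RULES=$(printf '%s\n' "$SAMPLE_RULES" |
  awk -v r="$MASQ_RULE" '/^\*nat/ {n=1} n && /^COMMIT/ {print r; n=0} {print}')

# table_rules TABLE DUMP: print only the -A lines that belong to one table
table_rules() {
  printf '%s\n' "$2" | awk -v t="*$1" '$0 == t {f=1; next} /^\*/ || /^COMMIT/ {f=0} f && /^-A/'
}

# has_nat_translation DUMP: succeed if the nat table has an explicit MASQUERADE or SNAT rule
has_nat_translation() {
  table_rules nat "$1" | grep -Eq -- '-j (MASQUERADE|SNAT)'
}

# allows_dns_in DUMP: succeed if the filter INPUT chain accepts UDP/53
allows_dns_in() {
  table_rules filter "$1" | grep -E -- '^-A INPUT .*-p udp' | grep -Eq -- '--dport 53 .*-j ACCEPT'
}

# check_ruleset DUMP: print one line per check; return the number of failed checks
check_ruleset() {
  problems=0
  if has_nat_translation "$1"; then echo "ok: nat POSTROUTING translates the source address"
  else echo "missing: no MASQUERADE/SNAT rule in the nat table"; problems=$((problems + 1)); fi
  if allows_dns_in "$1"; then echo "ok: filter INPUT accepts UDP/53"
  else echo "missing: no ACCEPT for incoming UDP/53 in filter INPUT"; problems=$((problems + 1)); fi
  return "$problems"
}

echo "--- rules as posted"; check_ruleset "$SAMPLE_RULES"
echo "--- rules with $MASQ_RULE"; check_ruleset "$FIXED_RULES"
```

On a real gateway, feed it `iptables-save` output instead of the constructed dump.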

