About this list Date view Thread view Subject view Author view Attachment view

From: Darryl Ross (spam_at_afoyi.com)
Date: Tue 07 Dec 2004 - 09:10:45 GMT

Hash: SHA1

Hey All,

Been fighting with a problem today to do with iptables and SNATing packets.

First a bit of background. At our office we have 2 ISDN links and a
satellite link for external connectivity. We have a /24 net block routed
to us via the satellite and use one of the ISDN links for our outbound
connectivity as well as inbound for a few bits and pieces that are
latency dependent.

The second ISDN link is purely for running VoIP across for our office
PBX system. The PBX is Asterisk running inside a vserver on a machine
inside the network. For simplification of our software maintenance we
run a standardised kernel on all our machines, which includes the
vserver patchs.

Anyway, put simply, the problem that I am having is that the following
rule does not match any packets:

iptables -t nat -A POSTROUTING -s x.x.x.16/32 -j SNAT --to-source y.y.y.y

I am just in the middle of building a stock kernel to test it, but I am
expecting that to work as would be expected. The kernel that "doesn't
work" is 2.4.26-vs1.28 and the version of iptables is 1.2.6a-5.0woody2.

Has anyone come across this before?

Version: GnuPG v1.2.1 (MingW32)

Vserver mailing list

About this list Date view Thread view Subject view Author view Attachment view
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Tue 07 Dec 2004 - 09:12:48 GMT by hypermail 2.1.3