From: Darryl Ross (spam_at_afoyi.com)
Date: Tue 07 Dec 2004 - 09:10:45 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Been fighting with a problem today to do with iptables and SNATing packets.
First a bit of background. At our office we have 2 ISDN links and a
satellite link for external connectivity. We have a /24 net block routed
to us via the satellite and use one of the ISDN links for our outbound
connectivity as well as inbound for a few bits and pieces that are
The second ISDN link is purely for running VoIP across for our office
PBX system. The PBX is Asterisk running inside a vserver on a machine
inside the network. For simplification of our software maintenance we
run a standardised kernel on all our machines, which includes the
Anyway, put simply, the problem that I am having is that the following
rule does not match any packets:
iptables -t nat -A POSTROUTING -s x.x.x.16/32 -j SNAT --to-source y.y.y.y
I am just in the middle of building a stock kernel to test it, but I am
expecting that to work as would be expected. The kernel that "doesn't
work" is 2.4.26-vs1.28 and the version of iptables is 1.2.6a-5.0woody2.
Has anyone come across this before?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (MingW32)
-----END PGP SIGNATURE-----
Vserver mailing list