[Vserver] Vserver on DSL-Router. Problem with SNAT

From: Juergen Schmidt <mister-el_at_gmx.de>
Date: Tue 29 Nov 2005 - 05:58:57 GMT
Message-Id: <1133243937.9692.35.camel@el-tosh.ix-tech.com>

I have a vserver (debian stable vs1.9.5.x-4) on a dsl-router.
At the moment the default gw in the lan is, and this maschine
masquerades all packages. But now I wish to use squid on the vserver to
reach the internet. The problem now is that i'm not able to masquerade
the ip-packages from the vserver.

My interfaces are as follows:

eth0:0roe (vserver)
eth0 (host)
ppp0 (but dynamic ip-addresses)

I have tried the following iptables roules on the vserverhost (what is
the corret name for that maschine how holds the vserver?):

'iptables -t nat -I POSTROUTING -s -j MASQUERADE' (every
host in the lan can reach the internet, but not the vserver)

'iptables -t nat -I POSTROUTING -s -j MASQUERADE' (nothing
happens. The outgoning IP-Packages from the vserver over the ppp0 device
have already as source IP)

'iptables -t nat -I POSTROUTING -s -j SNAT --to-source' (nothing happens)

'iptables -t nat -I POSTROUTING -s -d www.google.de -j SNAT
--to-source' (now only icmp works, verry strange)

I tried to set up the ppp0 device for the vserver (ppp0:0roe, but without any luk.


