Re: [Vserver] Vserver on DSL-Router. Problem with SNAT

From: Baltasar Cevc <baltasar_at_cevc-topp.de>
Date: Tue 29 Nov 2005 - 20:33:20 GMT
Message-Id: <59aac4d74afd5cecd35a8bce055a5514@cevc-topp.de>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>
Hi Juergen,

> The OUTPUT nat chain is only able to dnat.
Now that you mention this I think I remember the point: OUPUT is not the
place to do it - you were right with POSTROUTING - I had a look on the
configuration on my server - the relevant part looks like this:

Chain POSTROUTING (policy ACCEPT)
[...]
SNAT tcp -- web_max.intern !vservers.intern/24 to:ip1
SNAT udp -- vservers.intern/24 !vservers.intern/24 to:ip2
SNAT tcp -- vservers.intern/24 !vservers.intern/24 to:ip2
SNAT icmp -- vservers.intern/24 !vservers.intern/24 to:ip2

I haven't ever tried it with MASQUERADE, but the configuration
mentioned here works....

Hope you will find a solution soon ;-)
Baltasar
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Darwin)

iD8DBQFDjLsTp2YsmzTbIwYRAit+AKCl0rrbDFst3/SSY1UiqsOp1EgekgCgyZUH
WRyOY0i+sNDdt6hXK7+7wY0=
=IIkd
-----END PGP SIGNATURE-----

_______________________________________________
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
Received on Tue Nov 29 20:33:49 2005

[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Tue 29 Nov 2005 - 20:33:55 GMT by hypermail 2.1.8