On Mon, Oct 10, 2005 at 09:31:41PM +0200, Dexter wrote: > This are my iptables rules. [ ... skip ]
> > >hmm maybe its better to tell us what iptables -t nat -L says if you use > >masquerading You've been asked about "nat" table (iptables -t nat -L) ;) You can try my script for "live" watching iptables rules: http://www.zind.ikem.pwr.wroc.pl/arch/linux/iptables.watch I propose such method for testing: 1) On client start for example: ping $some_remote_IP 2) On server start iptables.watch -Z -Wd ( -Z zeroes iptable counters -Wd watches with highlighting, rest of help below) A short watching of screen should give you where your packets are going. But my script is usable only if have (almost) no other transmissions. Sometimes "ping -f" on client can help or restart (stop via ctrl-c) iptables.watch often. ======================================================================= $ iptables.watch -h iptables.watch version 0.03, Mon Sep 26 12:48:24 CEST 2005 (c) Miroslaw Kwasniak, licence GPL 2.0 Displays only active chains/rules in iptables Usage: iptables.watch -h iptables.watch [-o ipt_options] [-ns] [-w width] [-W|-Wd] [-Z] [table [table ...]] -h : this help -o ipt_options : iptables options, default = --line-numbers -vxnL -ns : no squeeze spaces -w width : display width, default = ${COLUMNS:-80} -W : display via 'watch', default = to stdout -Wd : display via 'watch -d' -Z : zero iptables counters [table [table ..]] : list only specified tables, default = `cat /proc/net/ip_tables_names` uses: iptables, grep, sed, cat, cut and (optionally) watch -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
