On Sunday 09 June 2002 10:49 pm, [EMAIL PROTECTED] wrote: > Hi, > > I would like to SNAT icmp fragmentation-needed messages that have source > address from private network range (RFC1918), I have tried something like: > > iptables -t nat -I POSTROUTING -j SNAT --to real_address -p icmp \ > --icmp-type fragmentation-needed -s 192.168.0.0/16 > > but it does not work.
What happens if you put a logging rule immediately before this one: iptables -I POSTROUTING -t nat -s 192.168.0.0/16 -p icmp --icmp-type fragmentation-needed -j LOG --log-prefix "icmp SNAT" Do you get any packets logged ? Antony
