Hi,
I am working with Debian Squeeze and the latest package available for
Packetfence.
We want to route our registered users rather than NAT them. But the
instructions for custom NAT "Comment the line %%nat_postrouting_inline%% in
conf/iptables.conf. Restart PacketFence. At this point packets are routed
out" don't seem to work. As long as :postrouting-int-inline-if - [0:0] is
in my iptables.conf these rules are created:
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
postrouting-int-inline-if all -- anywhere anywhere
mark match 0x3
postrouting-int-inline-if all -- anywhere anywhere
mark match 0x1
postrouting-int-inline-if all -- anywhere anywhere
mark match 0x2
But ,of course, if I comment out :postrouting-int-inline-if - [0:0] I get
errors on start-up and dns redirection breaks.
We have been using packetfence 3.3.2 with Fedora and had the same issue.
There I edited iptables.pm to get the behavior I wanted like this:
foreach ($IPTABLES_MARK_UNREG, $IPTABLES_MARK_REG,
$IPTABLES_MARK_ISOLATION) {
to:
foreach ($IPTABLES_MARK_UNREG, $IPTABLES_MARK_ISOLATION) {
This worked and it looks it will work again. But I'd really rather have the
other piece working.
Any suggestions on why the directions aren't working for me?
--
John Baker
Network Administrator
Marlboro College
Phone: 451-7551 Cell: 490-0066
------------------------------------------------------------------------------
Own the Future-Intel® Level Up Game Demo Contest 2013
Rise to greatness in Intel's independent game demo contest.
Compete for recognition, cash, and the chance to get your game
on Steam. $5K grand prize plus 10 genre and skill prizes.
Submit your demo by 6/6/13. http://p.sf.net/sfu/intel_levelupd2d
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
