On 22 October 2012 06:06, Michael D. Wood <[email protected]> wrote:
> Curious as to what the outcome of this was, Robin?

I started writing this mail to say it was still broken but then had an idea and now it is working. I added logging to the final deny all rules on the rules and it was that that was killing the traffic. After some experimenting I found I had to add a new rule to allow the OpenVPN network to talk to the world. I had the one that the instructions I followed said would work but it didn't so I had to tweak it a little.

Robin

>
> On Oct 16, 2012, at 11:38 AM, Robin Wood wrote:
>
>> On 16 October 2012 03:10, Michael D. Wood <[email protected]> wrote:
>>>
>>> Robin,
>>>
>>> From the research I've done, it almost looks like it could be the order
>>> in the way the rules are being processed. You had mentioned everything
>>> works fine when you wipe the rules out and add the one manually, is there
>>> another rule that you have in place possibly causing it not to work, or
>>> getting processed first? Just an idea...
>>>
>>> http://www.faqs.org/docs/iptables/traversingoftables.html
>>
>>
>> It could be, plus this has just given me the idea to extract the rule
>> that fwbuilder is creating for this and then clearing the rules and
>> running just that on its own. If that works then it is the ordering or
>> something else that is being set, if that fails then it is the rule
>> that is at fault.
>>
>> Robin
>>
>>>
>>> On Oct 15, 2012, at 4:14 AM, Robin Wood wrote:
>>>
>>>> Short version of the question, how do I set up this rule using Firewall
>>>> Builder?
>>>>
>>>> iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to 123.12.23.43
>>>>
>>>> Longer version.
>>>>
>>>> I've got OpenVPN set up on my server and connecting to it from my
>>>> phone. If I clear all the existing firewall rules on the server and
>>>> add the rule above routing works fine and I can browse through the
>>>> VPN but if I leave the existing rules in place and add the new one
>>>> manually it doesn't work.
>>>> As the rest of the rules are built using
>>>> Firewall Builder I need to know how to add that rule so it fits in
>>>> with the rest and comes up by default.
>>>>
>>>> I've tried adding a new entry in the NAT section with an Original Src
>>>> as my VPN network (as set up in the Networks section under Objects)
>>>> and the Translated Src as either eth1 or the IP associated with eth1
>>>> but that didn't work. I also tried setting things up in Routing but
>>>> that didn't work either.
>>>>
>>>> Robin
>>>> _______________________________________________
>>>> Pauldotcom mailing list
>>>> [email protected]
>>>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
>>>> Main Web Site: http://pauldotcom.com
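
Added example, not part of the thread and not anyone's actual ruleset: a small first-match walk over an iptables-save dump showing why the SNAT rule alone was not enough when a final deny-all sits in the filter table's FORWARD chain. The function name first_match, the interface tun0, the subnet 10.8.0.0/24 and the ACCEPT rule are assumptions for illustration; only eth1 and the SNAT rule come from the messages above.

```python
import ipaddress, shlex

def first_match(dump, chain, src, in_if, out_if):
    """Return (verdict, rule) for the first terminating rule in a filter-table
    chain that a NEW packet hits. Simplified: only -s, -i, -o, --state/--ctstate
    and -j are modelled; negation, wildcards and user chains are not."""
    table, policy = None, "ACCEPT"
    for line in dump.splitlines():
        line = line.strip()
        if line.startswith("*"):
            table = line[1:]
        elif table != "filter":
            continue
        elif line.startswith(f":{chain} "):
            policy = line.split()[1]
        elif line.startswith(f"-A {chain} "):
            tok = shlex.split(line)
            opts = {tok[i]: tok[i + 1] for i in range(2, len(tok) - 1)
                    if tok[i].startswith("-")}
            net = ipaddress.ip_network(opts.get("-s", "0.0.0.0/0"), strict=False)
            state = opts.get("--state") or opts.get("--ctstate") or "NEW"
            if (ipaddress.ip_address(src) in net
                    and opts.get("-i", in_if) == in_if
                    and opts.get("-o", out_if) == out_if
                    and "NEW" in state.split(",")
                    and opts.get("-j") in ("ACCEPT", "DROP", "REJECT")):
                return opts["-j"], line  # LOG etc. are non-terminating
    return policy, "chain policy"

# Constructed ruleset: SNAT present, but FORWARD ends in a logged deny-all.
BEFORE = """\
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth1 -j SNAT --to-source 123.12.23.43
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -j LOG --log-prefix "DENY ALL: "
-A FORWARD -j DROP
COMMIT
"""
# Hypothetical fix: let the assumed VPN subnet out via eth1 ahead of the deny-all.
AFTER = BEFORE.replace("-A FORWARD -j LOG",
    "-A FORWARD -s 10.8.0.0/24 -i tun0 -o eth1 -j ACCEPT\n-A FORWARD -j LOG")

if __name__ == "__main__":
    for name, rules in (("before", BEFORE), ("after", AFTER)):
        print(name, first_match(rules, "FORWARD", "10.8.0.6", "tun0", "eth1"))
```

A forwarded packet is filtered in FORWARD before it reaches nat POSTROUTING, so with the first ruleset the SNAT rule is never reached for new VPN connections.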
