Great thanks Lonnie!
Regards
Michael Knill
On 27/3/21, 10:57 am, "Lonnie Abelbeck" wrote:
It tells you that 0 packets were SNAT'ed via eth3 ... so it seems your fix
worked.
Lonnie
> On Mar 26, 2021, at 5:10 PM, Michael Knill
wrote:
>
> Hi Lonnie
>
> I haven’
It tells you that 0 packets were SNAT'ed via eth3 ... so it seems your fix
worked.
Lonnie
> On Mar 26, 2021, at 5:10 PM, Michael Knill
> wrote:
>
> Hi Lonnie
>
> I haven’t managed to test out this site yet but as they are currently having
> an internet outage I thought I would hop in and h
Hi Lonnie
I haven’t managed to test out this site yet but as they are currently having an
internet outage I thought I would hop in and have a look as ppp0 is now down.
How is the best way to determine that SNAT is turned off other than being
onsite?
I tried 'arno-iptables-firewall status':
Thanks. Will do.
Regards
Michael Knill
On 20/3/21, 9:29 am, "Lonnie Abelbeck" wrote:
> So just to confirm, there shouldn't be any issues in having this in my
default wan-failover.script e.g. whether outbound-snat is configured or not?
Correct, the OUTBOUND_SNAT nat chain should only
> So just to confirm, there shouldn't be any issues in having this in my
> default wan-failover.script e.g. whether outbound-snat is configured or not?
Correct, the OUTBOUND_SNAT nat chain should only exist when the outbound-snat
plugin is enabled.
But test anyway :-)
Lonnie
> On Mar 19, 202
Thanks Lonnie
So just to confirm, there shouldn't be any issues in having this in my default
wan-failover.script e.g. whether outbound-snat is configured or not?
Regards
Michael Knill
On 20/3/21, 9:08 am, "Lonnie Abelbeck" wrote:
Hi Michael,
Again off the top of my head (needs testi
Hi Michael,
Again off the top of my head (needs testing), this would be more general...
-- /mnt/kd/wan-failover.script snippet --
SECONDARY)
...
## Disable outbound-snat plugin in iptables
if iptables -t nat -nL OUTBOUND_SNAT >/dev/null 2>&1; then
iptables -t nat -D POSTROUTIN
Thanks Lonnie
Sorry for the late reply. Yes I'm using the outbound-snat plugin.
So just to confirm:
SECONDARY)
## Disable outbound-snat plugin in both iptables and config file in case
of reboot
iptables -t nat -D POSTROUTING -j OUTBOUND_SNAT
sed -i 's/^ENABLED=.*$/ENABLED=0
Typo (remove trailing double-quote):
--
sed -i 's/^ENABLED=.*$/ENABLED=0/'
/etc/arno-iptables-firewall/plugins/outbound-snat.conf
--
Lonnie
> On Mar 17, 2021, at 9:48 AM, Lonnie Abelbeck
> wrote:
>
> Hi Michael,
>
> When you say you have SNAT configured, are you using the nat-loopback plugi
Hi Michael,
When you say you have SNAT configured, are you using the nat-loopback plugin or
the outbound-snat plugin ?
Either of those require obtaining the WAN IPv4 address to attach iptables "-j
SNAT --to-source $ip" rules, and as written only look at the primary external
address. Even if t
Grr problem now found. I had SNAT configured which didn't work on the second
WAN connection.
Any way I can fix this e.g. don't do SNAT on the failover WAN?
Regards
Michael Knill
From: Michael Knill
Reply to: AstLinux List
Date: Wednesday, 17 March 2021 at 4:27 pm
To: AstLinux List
Subject: [A
11 matches
Mail list logo
