On Wed, Apr 22, 2020 at 12:30:58AM +0200, Gaétan QUENTIN wrote: > and snat: > MASQUERADE 172.20.10.0/24 enp0s31f6 > > Now the problem: > > i add a vpn: ppp0. this one add routes like this ones: > 192.168.0.0/19 via 172.19.13.95 dev ppp0 > the vpn gateway is 172.19.13.95 > > From my container: > > - i still can ping internet and local network > - i can't ping ip in ppp0 routes. If i do that, and i do tcpdump: > - on br0: i can see packet go out , with container source ip: but reply > never come > - on enp0s31f6 i don't see anything > - on ppp0 : i can see packets with container ip source and no replies. > > So why in that case masquerade do not work and what should i do?
Don't you need a masq rule for DEST ppp0 ? -- Justin _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
