On Tue, Dec 07, 2004 at 07:40:45PM +1030, Darryl Ross wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hey All, > > Been fighting with a problem today to do with iptables and SNATing packets. > > First a bit of background. At our office we have 2 ISDN links and a > satellite link for external connectivity. We have a /24 net block routed > to us via the satellite and use one of the ISDN links for our outbound > connectivity as well as inbound for a few bits and pieces that are > latency dependent. > > The second ISDN link is purely for running VoIP across for our office > PBX system. The PBX is Asterisk running inside a vserver on a machine > inside the network. For simplification of our software maintenance we > run a standardised kernel on all our machines, which includes the > vserver patchs. > > Anyway, put simply, the problem that I am having is that the following > rule does not match any packets: > > iptables -t nat -A POSTROUTING -s x.x.x.16/32 -j SNAT --to-source y.y.y.y
which packets do you expect it to match? > I am just in the middle of building a stock kernel to test it, but I am > expecting that to work as would be expected. The kernel that "doesn't > work" is 2.4.26-vs1.28 and the version of iptables is 1.2.6a-5.0woody2. > > Has anyone come across this before? no, any tcpdump maybe? best, Herbert > TIA > Darryl > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.1 (MingW32) > > iD8DBQFBtXOV/XQ6DbmPjokRAvhfAJ4giNmnZrf900Sd3cb3BqqJIv20OACeIp3c > /HFCRhuxzKgfeq0xtwmGWxA= > =cAG2 > -----END PGP SIGNATURE----- > _______________________________________________ > Vserver mailing list > [EMAIL PROTECTED] > http://list.linux-vserver.org/mailman/listinfo/vserver _______________________________________________ Vserver mailing list [EMAIL PROTECTED] http://list.linux-vserver.org/mailman/listinfo/vserver
