Martin Daur wrote:
Hello,

I have one physical machine running kernel 2.4.22-ctx17a (user tools 0.24) with a default route to the pppoe dev (ppp0). eth0 is the local network, and eth1 is connected to the DSL modem.

When I now change into a vps context with chbind and chcontext, I can ping hosts outside (over pppoe), but for all other packets (TCP/UDP) it seems that masquerading is not done!
(ethereal shows that packets sent out of a vps still contain the local source IP, e.g. 192.0.0.xxx, and not the one from the masq dev)



# Masquerading
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o ppp0 -j MASQUERADE


MASQ will not touch local packets. You'll have to use SNAT:


iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j SNAT --to-source $PUBLIC_IP_ADDRESS

Every time you change the (public) IP address you will have to run the above... Take a look at pppd's ip-up scripts.

Have fun,
Nuno Silva
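
The ip-up approach suggested in the reply above, as an added example that is not part of the original thread: a hook that swaps the SNAT rule whenever pppd brings ppp0 up with a new address. The install path, the state file location and the `LAN_NET`, `STATE_FILE` and `IPTABLES` variables are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed install path: /etc/ppp/ip-up.d/snat
# pppd runs ip-up as: interface tty speed local-ip remote-ip ipparam
LAN_NET="${LAN_NET:-192.168.0.0/24}"                 # source range from the thread
STATE_FILE="${STATE_FILE:-/var/run/snat-public-ip}"  # hypothetical state file
IPTABLES="${IPTABLES:-iptables}"

# Accept only a dotted quad with every octet in 0..255.
is_ipv4() {
    case "$1" in ''|*[!0-9.]*) return 1 ;; esac
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Replace the SNAT rule for the previous address with one for the new address.
update_snat() {
    new_ip=$1
    is_ipv4 "$new_ip" || { echo "snat: bad address '$new_ip'" >&2; return 1; }
    if [ -r "$STATE_FILE" ]; then
        old_ip=$(cat "$STATE_FILE")
        # Same address as last time: the rule is already in place.
        [ "$old_ip" = "$new_ip" ] && return 0
        # First match wins in the nat table, so a stale rule left in front
        # would keep translating to the old address. Delete it first.
        if is_ipv4 "$old_ip"; then
            $IPTABLES -t nat -D POSTROUTING -s "$LAN_NET" -j SNAT --to-source "$old_ip" || true
        fi
    fi
    $IPTABLES -t nat -A POSTROUTING -s "$LAN_NET" -j SNAT --to-source "$new_ip" || return 1
    echo "$new_ip" > "$STATE_FILE"
}

# Only act when pppd passed its arguments and the link is ppp0.
if [ "$#" -ge 4 ] && [ "$1" = "ppp0" ]; then
    update_snat "$4"
fi
```

The state file must not survive a reboot or a manual flush of the nat table, otherwise the hook will assume the rule is still present and skip re-adding it.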




