[Gllug] Problems with postrouting and iptables

andy at mac1systems.com andy at mac1systems.com
Fri Aug 22 18:38:44 UTC 2003


> On Friday, 22 Aug 2003, andy at mac1systems.com wrote:
>>I have 213.232.87.0/29 on the public side and 192.168.24.0/22 on the
>>private.
>>Each 192.168.x.0 is its own class C with the Linux box having IP
>>aliases on the eth0 port.
>>Connections from 192.168.27.x to a public get correctly SNATed and it
>>works a treat (and from the others).
>>But also connections from 192.168.27.x to 192.168.25.x are also being
>>SNATed and look like they are coming from the gateway, which I don't
>>want. I have the following in my script to add rules.
>>    iptables -A FORWARD -s $LOCAL_NET -d $LOCAL_NET -j ACCEPT
>
> If each 192.126.x is its own class C surely a packet from 27 to 25
> doesn't match -s $LOCAL_NET -d $LOCAL_NET ?
$LOCAL_NET is 192.168.24.0/22 so should match .24, .25, .26 and .27?

Andy


>
> --
> David Damerell <damerell at chiark.greenend.org.uk> Distortion Field!
>
> --
> Gllug mailing list  -  Gllug at linux.co.uk
> http://list.ftech.net/mailman/listinfo/gllug



