[lug] Firewall spontaneously combusted???
Kevin Fenzi
kevin at scrye.com
Sat Sep 11 12:21:42 MDT 2004
>>>>> "David" == David Morris <lists at morris-clan.net> writes:
David> On Fri, Sep 10, 2004 at 05:54:40PM -0600, Kevin Fenzi wrote:
David> cat 1 > /proc/sys/net/ipv4/ip_forward
David> iptables --table nat --append POSTROUTING \
David>     --out-interface eth1 --jump SNAT \
David>     --to <external_ip>
>>
David> I can run these commands on other systems and I get IP
David> Masquerading as expected. Just before I moved I could run it
David> on the Sparc LX as well and it worked there.
>> Odd. I don't think that would work anywhere.
>>
>> cat 1 > /proc/sys/net/ipv4/ip_forward
>>
>> will cat the contents of a file called '1' into that proc file.
>>
>> Perhaps you meant to do:
>>
>> echo 1 > /proc/sys/net/ipv4/ip_forward ?
David> Oops, I just typed the wrong command line in the email. Wasn't
David> paying attention to what I was typing and was trying to get out
David> the door.
Ah, ok. ;)
>> Try the echo and make sure it's setting ip_forward...
>>
>> Otherwise it might be hitting another rule before the one you are
>> appending to? Perhaps a deny all before that?
David> No other rules exist, and ip_forward is set to "1".
Odd.
I have:
-t nat -A POSTROUTING -o dsl -j SNAT --to-source <externalip>
For my dsl.
Are you sure you have the right out interface? eth1 is your external?
David> --David
kevin
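
The three checks raised in this thread (is ip_forward set, is another POSTROUTING rule hit first, is the SNAT rule on the right out interface) can be run over saved output, as in this added example, which is not part of the original message. The function names are hypothetical, and it assumes the external interface is the one carrying the default route.

```shell
#!/bin/sh
# Added example. Inputs are files in the formats of
# /proc/sys/net/ipv4/ip_forward, `iptables-save -t nat`, `ip -4 route show`.

# Succeeds only if the file holds exactly "1".
forwarding_enabled() {
    [ "$(cat "$1" 2>/dev/null)" = "1" ]
}

# Print the out-interface of every SNAT rule in POSTROUTING.
snat_out_ifaces() {
    awk '$1 == "-A" && $2 == "POSTROUTING" {
        dev = ""; snat = 0
        for (i = 3; i < NF; i++) {
            if ($i == "-o" || $i == "--out-interface") dev = $(i + 1)
            if (($i == "-j" || $i == "--jump") && $(i + 1) == "SNAT") snat = 1
        }
        if (snat && dev != "") print dev
    }'
}

# Print POSTROUTING rules that are evaluated before the first SNAT rule.
rules_before_snat() {
    awk '$1 == "-A" && $2 == "POSTROUTING" {
        if ($0 ~ /(-j|--jump) SNAT/) exit
        print
    }'
}

# Print the interface carrying the default route (assumed to be the external one).
default_route_iface() {
    awk '$1 == "default" { for (i = 2; i < NF; i++) if ($i == "dev") { print $(i + 1); exit } }'
}

# check_nat IP_FORWARD_FILE NAT_RULES_FILE ROUTES_FILE
# Prints one finding per problem; returns non-zero if any were found.
check_nat() {
    rc=0
    forwarding_enabled "$1" || { echo "ip_forward is not 1"; rc=1; }
    early=$(rules_before_snat < "$2")
    [ -z "$early" ] || { echo "rule ahead of SNAT: $early"; rc=1; }
    ext=$(default_route_iface < "$3")
    ifaces=$(snat_out_ifaces < "$2")
    [ -n "$ifaces" ] || { echo "no SNAT rule in POSTROUTING"; rc=1; }
    for dev in $ifaces; do
        [ "$dev" = "$ext" ] || { echo "SNAT on $dev, default route on $ext"; rc=1; }
    done
    return $rc
}
```

On a live gateway, save the output of `iptables-save -t nat` and `ip -4 route show` to files and pass `/proc/sys/net/ipv4/ip_forward` as the first argument. A rule reported ahead of the SNAT rule is not necessarily wrong, but it is matched first and is worth reading.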