From: Enrique Huerta de la Fuente <ehuerta@ixer.mx>
To: Andrew Beverley <andy@andybev.com>
Cc: netfilter@vger.kernel.org
Subject: Re: iptables udp 1195 MASQUERADE
Date: Fri, 10 Feb 2012 00:05:19 -0600 (CST) [thread overview]
Message-ID: <20909671.2928.1328853919518.JavaMail.root@ixer.mx> (raw)
In-Reply-To: <5634144.2926.1328853844897.JavaMail.root@ixer.mx>
>> Apply the rule: "iptables -t nat -I POSTROUTING -o ppp0 -j
>> MASQUERADE", this masks the port 22 (tcp) but not the 1195 (udp),
>> because I can
>> connect via ssh.
>
>What do you mean by "masks"? What are you expecting the MASQUERADE
>target to do? From the little information I've seen, it looks like you
>are sending packets from a single interface from the local machine, in
>which case the MASQUERADE will have no effect anyway.
>
>> It seems the problem is that does not mask the port 1195 (udp).
>>
>
>MASQUERADE works fine with UDP whenever I have used it.
>
>Andy
Hello Andy, thank you for the atention.
I have four interfaces and the default gateway is eth1
- eth0 (LAN)
- eth1 (internet link)
- eth3 (internet link)
- ppp0 (internet link)
I mark (mangle) package udp (1195) for out by interface ppp0.
"iptables -t mangle -I OUTPUT -p udp -m udp --dport 1195 -j MARK --set-mark 1
and when i try MASQUERADE the package udp (1195) with "iptables -t nat -I POSTROUTING -p udp -m udp --dport 1195 -o ppp0 -j MASQUERADE", does not work!!
Any idea?
E.Huerta
next parent reply other threads:[~2012-02-10 6:05 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <5634144.2926.1328853844897.JavaMail.root@ixer.mx>
2012-02-10 6:05 ` Enrique Huerta de la Fuente [this message]
2012-02-10 15:57 ` iptables udp 1195 MASQUERADE Andrew Beverley
[not found] <25775146.3320.1329329075047.JavaMail.root@ixer.mx>
2012-02-15 18:04 ` Enrique Huerta de la Fuente
[not found] <5260549.3200.1329242426858.JavaMail.root@ixer.mx>
2012-02-14 18:05 ` Enrique Huerta de la Fuente
2012-02-14 22:41 ` Sven-Haegar Koch
[not found] <19323396.2950.1328898736467.JavaMail.root@ixer.mx>
2012-02-10 18:36 ` Enrique Huerta de la Fuente
2012-02-10 20:05 ` Andrew Beverley
2012-02-10 22:55 ` Enrique Huerta de la Fuente
2012-02-11 9:13 ` SamLT
2012-02-14 17:18 ` Enrique Huerta de la Fuente
[not found] <26800503.2896.1328827967506.JavaMail.root@ixer.mx>
2012-02-10 5:44 ` Enrique Huerta de la Fuente
[not found] <13902251.2734.1328591255561.JavaMail.root@ixer.mx>
2012-02-07 5:12 ` Enrique Huerta de la Fuente
2012-02-09 20:48 ` Andrew Beverley
[not found] <13116495.2023.1327446410284.JavaMail.root@ixer.mx>
2012-01-24 23:34 ` Enrique Huerta de la Fuente
2012-02-04 19:58 ` Andrew Beverley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20909671.2928.1328853919518.JavaMail.root@ixer.mx \
--to=ehuerta@ixer.mx \
--cc=andy@andybev.com \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.