From: "Antonio Pérez" <aperlu@telefonica.net>
To: Andreas Grabner <andi@vnc.at>
Cc: netfilter@lists.netfilter.org
Subject: Re: nat/masquerade with kernel 2.6.x
Date: Sat, 11 Dec 2004 15:18:13 +0100 [thread overview]
Message-ID: <41BB01A5.5000406@telefonica.net> (raw)
In-Reply-To: <20041211133145.GA3027@utanet.at>
Andreas Grabner wrote:
>Hi
>
>On Sat, Dec 11, 2004 at 01:45:08PM +0100, Antonio Pérez wrote:
>
>
>> iptables --table nat --append POSTROUTING --out-interface
>>$ifc_internet -j MASQUERADE
>>the hosts of the internal network can do ping to internet, and this is
>>normal, but they can not open any web or conection the msn , they
>>only can do ping. This is very stranger. I try the kernels
>>2.6.7,2.6.7,2.6.8 and 2.6.9 and they do no work.
>>
>>
>You can ping so NAT and routing seems to work.
>Are there any other rules in the FORWARD chain?
>
><try>
>maybe you should check if DNS is working?
></try>
>
>
>
>>Can somebody help me, please?
>>
>>
>send more Info e.g. output of
>iptables -L -nvx
>iptables -t nat -nvx
>
>
>
>>Sorry for my bad english.
>>
>>
>me too ;-)
>
>
>Andreas Grabner
>
>
>
>
I know that the dns is working because when I do "ping www.google.es"
from internal host this work.
There are not other rules in the FORWARD chain, look:
Chain INPUT (policy ACCEPT 2 packets, 100 bytes)
pkts bytes target prot opt in out
source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out
source destination
Chain OUTPUT (policy ACCEPT 5958 packets, 2480411 bytes)
pkts bytes target prot opt in out
source destination
and if i do iptables -t nat -L -nvx, then:
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out
source destination
Chain POSTROUTING (policy ACCEPT 1 packets, 60 bytes)
pkts bytes target prot opt in out
source destination
0 0 MASQUERADE all -- * eth1
0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 1 packets, 60 bytes)
pkts bytes target prot opt in out
source destination
And this is all, :)
prev parent reply other threads:[~2004-12-11 14:18 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-12-11 12:45 nat/masquerade with kernel 2.6.x Antonio Pérez
2004-12-11 13:31 ` Andreas Grabner
2004-12-11 14:18 ` Antonio Pérez [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=41BB01A5.5000406@telefonica.net \
--to=aperlu@telefonica.net \
--cc=andi@vnc.at \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.