From: "Antonio Pérez" <aperlu@telefonica.net>
To: Giuliano Pochini <pochini@shiny.it>
Cc: Linux-kernel <linux-kernel@vger.kernel.org>
Subject: Re: 2.6.9 NAT problem
Date: Mon, 13 Dec 2004 23:11:37 +0100 [thread overview]
Message-ID: <41BE1399.8010300@telefonica.net> (raw)
In-Reply-To: <20041213212603.4e698de6.pochini@shiny.it>
Giuliano Pochini wrote:
>I can't make NAT work on 2.6.9. Outgoing packets are translated and sent,
>but incoming packets get rejected. pc4 is the other box (inside the NAT) and
>host164-26... is the dynamic address of my machine:
>
>20:42:20.132876 IP pc4.33115 > nsa.tin.it.domain: 7213+ AAAA? www.drweb32.com. (33)
>20:42:20.132876 PPPoE [ses 0x5198] IP host164-26.pool21345.interbusiness.it.33115 > nsa.tin.it.domain: 7213+ AAAA? www.drweb32.com. (33)
>20:42:20.446829 PPPoE [ses 0x5198] [length 124 (4 extra bytes)] IP nsa.tin.it.domain > host164-26.pool21345.interbusiness.it.33115: 7213 0/1/0 (94)
>20:42:20.446829 PPPoE [ses 0x5198] IP host164-26.pool21345.interbusiness.it > nsa.tin.it: icmp 130: host164-26.pool21345.interbusiness.it udp port 33115 unreachable
>
>I enable NAT with this commands:
>
>echo "1" >/proc/sys/net/ipv4/ip_dynaddr
>echo "1" >/proc/sys/net/ipv4/ip_forward
>iptables -t nat -A POSTROUTING -s pc4 -d ! 192.168.1.0/24 -j MASQUERADE
>
>I also tried SNAT with same results. I don't know if this info is useful:
>all the connection couples shown by /proc/net/ip_conntrack are in
>[UNREPLIED] state. I'm using iptables 1.2.11 and linux 2.6.9. All the above
>works just fine with 2.6.8.1 and previous versions.
>
>Linux Jay 2.6.9 #3 SMP Mon Dec 13 19:58:08 CET 2004 ppc unknown
>
>
>--
>Giuliano.
>-
>To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
>the body of a message to majordomo@vger.kernel.org
>More majordomo info at http://vger.kernel.org/majordomo-info.html
>Please read the FAQ at http://www.tux.org/lkml/
>
>
>
add this:
echo 0 > /proc/sys/net/ipv4/tcp_bic
echo 0 > /proc/sys/net/ipv4/tcp_ecn
echo 0 > /proc/sys/net/ipv4/tcp_vegas_conf_avoid
please , tell me if this work.
next prev parent reply other threads:[~2004-12-13 22:10 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-12-13 20:26 2.6.9 NAT problem Giuliano Pochini
2004-12-13 22:11 ` Antonio Pérez [this message]
2004-12-14 21:20 ` Giuliano Pochini
2004-12-16 20:41 ` Bill Davidsen
2004-12-14 9:31 ` Martin Josefsson
2004-12-14 9:53 ` Giuliano Pochini
2004-12-14 21:26 ` Giuliano Pochini
2004-12-15 6:53 ` Martin Josefsson
2004-12-15 19:18 ` Giuliano Pochini
[not found] <fa.en17uqu.1r1odgm@ifi.uio.no>
[not found] ` <fa.b00sk8v.12lus29@ifi.uio.no>
2004-12-21 8:34 ` Bodo Eggert
2004-12-21 16:40 ` Bill Davidsen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=41BE1399.8010300@telefonica.net \
--to=aperlu@telefonica.net \
--cc=linux-kernel@vger.kernel.org \
--cc=pochini@shiny.it \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.