From mboxrd@z Thu Jan 1 00:00:00 1970 From: Brent Clark Date: Sat, 18 Feb 2006 19:25:32 +0000 Subject: [LARTC] cant route out Message-Id: <43F774AC.7020201@eccotours.co.za> List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="windows-1252" Content-Transfer-Encoding: quoted-printable To: lartc@vger.kernel.org Hi all I seem to have a very weird problem. I have a gateway that allows me to route into the LAN etc, but for some rea= son I cant get traffic out. I have apprended a route like below to help me if its getting that far, and= it defiantly is. $IPT -t nat -A POSTROUTING -o eth0 -s 10.0.0.0/24 -j LOG --log-prefix "POST= ROUTE: " --log-tcp-options --log-ip-options Feb 18 19:14:16 ukgate kernel: POST ROUTE: IN=3D OUT=3Deth0 SRC=10.0.0.74 D= ST=140.135.10.98 LENH TOS=3D0x00 PREC=3D0x00 TTL=127 IDR278 DF PROTO=3DTCP SPT=1336 DPT=80 WINDOW= e535 RES=3D0x00 SYN URGP=3D0 OPT (020405B401010402) Feb 18 19:14:16 ukgate kernel: POST ROUTE: IN=3D OUT=3Deth0 SRC=10.0.0.74 D= ST!9.159.9.103 LENH TOS=3D0x00 PREC=3D0x00 TTL=127 IDR279 DF PROTO=3DTCP SPT=1337 DPT=80 WINDOW= e535 RES=3D0x00 SYN URGP=3D0 OPT (020405B401010402) Feb 18 19:14:16 ukgate kernel: POST ROUTE: IN=3D OUT=3Deth0 SRC=10.0.0.74 D= ST!9.117.8.205 LENH TOS=3D0x00 PREC=3D0x00 TTL=127 IDR280 DF PROTO=3DTCP SPT=1338 DPT=80 WINDOW= e535 RES=3D0x00 SYN URGP=3D0 OPT (020405B401010402) ukgate:~# ip route show 217.206.34.80/28 dev eth0 proto kernel scope link src 217.206.34.82 10.0.0.0/24 dev eth1 proto kernel scope link src 10.0.0.4 default via 217.206.34.81 dev eth0 ukgate:~# And the weird thing is, is that tcpdump shows the client trying to connect ukgate:~# tcpdump -nn port 80 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes 19:21:59.735233 IP 10.0.0.4.1900 > 219.54.8.100.80: S 340139438:340139438(0= ) win 65535 19:21:59.735396 IP 10.0.0.4.1901 > 213.73.201.11.80: S 340204029:340204029(= 0) win 65535 19:22:01.734139 IP 10.0.0.4.1904 > 218.212.34.220.80: S 340860984:340860984= (0) win 65535 19:22:02.706327 IP 10.0.0.4.1900 > 219.54.8.100.80: S 340139438:340139438(0= ) win 65535 19:22:02.706347 IP 10.0.0.4.1901 > 213.73.201.11.80: S 340204029:340204029(= 0) win 65535 19:22:04.717925 IP 10.0.0.4.1904 > 218.212.34.220.80: S 340860984:340860984= (0) win 65535 If anyone could assist, I would be most grateful. Kind Regards Brent Clark P.s. I have echo 1 > /proc/sys/net/ipv4/ip_forward in my ruleset. _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc