From: Edmundo Carmona <eantoranz@gmail.com>
To: netfilter@lists.netfilter.org
Subject: Re: snat to multiple source ip
Date: Tue, 20 Sep 2005 08:44:11 -0400 [thread overview]
Message-ID: <65aa6af905092005445b3940d4@mail.gmail.com> (raw)
In-Reply-To: <BAY103-DAV7432DC634B39274E5495CB2950@phx.gbl>
You are using multiroute path, right?
what is the output of
ip route show default
(on the router, of course).
On 9/20/05, Marco Berizzi <pupilla@hotmail.com> wrote:
> Thanks for the reply Rob0.
>
> On Thursday 2005-September-15 04:59, Marco Berizzi wrote:
> >> My firewall script mark all the squid packet and I route them
>
> >You did not post your rules.
>
> This is not the real problem.
> The problem is the SNAT rule. It is doesn't work as stated
> by man. How does it work? Per socket? Or per socket per host?
>
> iptables -t nat -I POSTROUTING -s HDSL_ip
> --protocol tcp -m multiport --dports SQUIDports
> -j SNAT --to first_adsl_ip --to second_adsl_ip
>
> This rules snat all packets created by this (squid) host, but
> everytime I connect to the internet *always* the first_adsl_ip
> is chosen. My company lan has about 150 pc that connect to
> the internet by this proxy, so I don't understand why *everytime*
> I open my browser and I connect to www.dnsstuff.com always the
> same ip is displayed. It isn't a cache problem because I reset them
> (both on squid and browser side).
>
> >> through the two adsl connections (I have patched the kernel
> >> with the equalize patch).
>
> > Which patch is this? I have used Julian Anastasov's patches
>
> Here is http://www.ussg.iu.edu/hypermail/linux/kernel/0203.2/1314.html
> However this is only for routing not for nat.
>
>
>
>
next prev parent reply other threads:[~2005-09-20 12:44 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-09-20 12:39 snat to multiple source ip Marco Berizzi
2005-09-20 12:44 ` Edmundo Carmona [this message]
2005-09-20 13:37 ` Marco Berizzi
2005-09-20 13:58 ` /dev/rob0
2005-09-20 14:24 ` Marco Berizzi
-- strict thread matches above, loose matches on Subject: below --
2005-09-26 15:38 Marco Berizzi
2005-09-26 16:10 ` Phil Oester
2005-09-26 16:39 ` Marco Berizzi
2005-09-26 17:47 ` Phil Oester
2005-09-20 19:00 Derick Anderson
2005-09-20 15:25 Harrison, Bruce (CXO)
2005-09-20 15:53 ` Marco Berizzi
2005-09-20 15:07 Derick Anderson
2005-09-20 15:16 ` Marco Berizzi
2005-09-20 15:24 ` Edmundo Carmona
2005-09-15 9:59 Marco Berizzi
2005-09-15 12:21 ` /dev/rob0
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=65aa6af905092005445b3940d4@mail.gmail.com \
--to=eantoranz@gmail.com \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.