From: "Antonio Pérez" <aperlu@telefonica.net>
To: Giuliano Pochini <pochini@shiny.it>
Cc: Linux-kernel <linux-kernel@vger.kernel.org>
Subject: Re: 2.6.9 NAT problem
Date: Mon, 13 Dec 2004 23:11:37 +0100 [thread overview]
Message-ID: <41BE1399.8010300@telefonica.net> (raw)
In-Reply-To: <20041213212603.4e698de6.pochini@shiny.it>
Giuliano Pochini wrote:
>I can't make NAT work on 2.6.9. Outgoing packets are translated and sent,
>but incoming packets get rejected. pc4 is the other box (inside the NAT) and
>host164-26... is the dynamic address of my machine:
>
>20:42:20.132876 IP pc4.33115 > nsa.tin.it.domain: 7213+ AAAA? www.drweb32.com. (33)
>20:42:20.132876 PPPoE [ses 0x5198] IP host164-26.pool21345.interbusiness.it.33115 > nsa.tin.it.domain: 7213+ AAAA? www.drweb32.com. (33)
>20:42:20.446829 PPPoE [ses 0x5198] [length 124 (4 extra bytes)] IP nsa.tin.it.domain > host164-26.pool21345.interbusiness.it.33115: 7213 0/1/0 (94)
>20:42:20.446829 PPPoE [ses 0x5198] IP host164-26.pool21345.interbusiness.it > nsa.tin.it: icmp 130: host164-26.pool21345.interbusiness.it udp port 33115 unreachable
>
>I enable NAT with this commands:
>
>echo "1" >/proc/sys/net/ipv4/ip_dynaddr
>echo "1" >/proc/sys/net/ipv4/ip_forward
>iptables -t nat -A POSTROUTING -s pc4 -d ! 192.168.1.0/24 -j MASQUERADE
>
>I also tried SNAT with same results. I don't know if this info is useful:
>all the connection couples shown by /proc/net/ip_conntrack are in
>[UNREPLIED] state. I'm using iptables 1.2.11 and linux 2.6.9. All the above
>works just fine with 2.6.8.1 and previous versions.
>
>Linux Jay 2.6.9 #3 SMP Mon Dec 13 19:58:08 CET 2004 ppc unknown
>
>
>--
>Giuliano.
>-
>To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
>the body of a message to majordomo@vger.kernel.org
>More majordomo info at http://vger.kernel.org/majordomo-info.html
>Please read the FAQ at http://www.tux.org/lkml/
>
>
>
add this:
echo 0 > /proc/sys/net/ipv4/tcp_bic
echo 0 > /proc/sys/net/ipv4/tcp_ecn
echo 0 > /proc/sys/net/ipv4/tcp_vegas_conf_avoid
please , tell me if this work.
next prev parent reply other threads:[~2004-12-13 22:10 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-12-13 20:26 2.6.9 NAT problem Giuliano Pochini
2004-12-13 22:11 ` Antonio Pérez [this message]
2004-12-14 21:20 ` Giuliano Pochini
2004-12-16 20:41 ` Bill Davidsen
2004-12-14 9:31 ` Martin Josefsson
2004-12-14 9:53 ` Giuliano Pochini
2004-12-14 21:26 ` Giuliano Pochini
2004-12-15 6:53 ` Martin Josefsson
2004-12-15 19:18 ` Giuliano Pochini
[not found] <fa.en17uqu.1r1odgm@ifi.uio.no>
[not found] ` <fa.b00sk8v.12lus29@ifi.uio.no>
2004-12-21 8:34 ` Bodo Eggert
2004-12-21 16:40 ` Bill Davidsen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=41BE1399.8010300@telefonica.net \
--to=aperlu@telefonica.net \
--cc=linux-kernel@vger.kernel.org \
--cc=pochini@shiny.it \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox