Subject: Problem with SNAT and same port number

Subject: Problem with SNAT and same port number

[prabha]

Hi

>I am wanting to change the source address of outgoing packets that have a src
>port of 53.
> I have tried /sbin/iptables -A POSTROUTING -p tcp -t nat -o bond0 --sport 53
>-j SNAT --to-source 192.168.0.1:53

If my understanding is correct, you want to do SNAT but without changing the
source port number. The above command should work.
Can you check out if your DNS requests are on TCP or UDP? If they are on UDP,
you may need to extend the above rule for UDP also.

Regards
Prabha

Re: Subject: Problem with SNAT and same port number

[netfilter]

Hi,

Yes, I do include udp as well.  A tcpdump shows traffic two and from until I 
insert that rule, then there is no return traffic sent, its as though its 
being silently dropped, because nothing is in the logs either.  If I change 
the port to 52, the return traffic apears, but of course, on the wrong port.

> Hi
>
> >I am wanting to change the source address of outgoing packets that have a
> > src port of 53.
> > I have tried /sbin/iptables -A POSTROUTING -p tcp -t nat -o bond0 --sport
> > 53 -j SNAT --to-source 192.168.0.1:53
>
> If my understanding is correct, you want to do SNAT but without changing
> the source port number. The above command should work.
> Can you check out if your DNS requests are on TCP or UDP? If they are on
> UDP, you may need to extend the above rule for UDP also.
>
> Regards
> Prabha