From: Edmundo Carmona <eantoranz@gmail.com>
To: netfilter@lists.netfilter.org
Subject: Re: snat to multiple source ip
Date: Tue, 20 Sep 2005 08:44:11 -0400 [thread overview]
Message-ID: <65aa6af905092005445b3940d4@mail.gmail.com> (raw)
In-Reply-To: <BAY103-DAV7432DC634B39274E5495CB2950@phx.gbl>
You are using multiroute path, right?
what is the output of
ip route show default
(on the router, of course).
On 9/20/05, Marco Berizzi <pupilla@hotmail.com> wrote:
> Thanks for the reply Rob0.
>
> On Thursday 2005-September-15 04:59, Marco Berizzi wrote:
> >> My firewall script mark all the squid packet and I route them
>
> >You did not post your rules.
>
> This is not the real problem.
> The problem is the SNAT rule. It is doesn't work as stated
> by man. How does it work? Per socket? Or per socket per host?
>
> iptables -t nat -I POSTROUTING -s HDSL_ip
> --protocol tcp -m multiport --dports SQUIDports
> -j SNAT --to first_adsl_ip --to second_adsl_ip
>
> This rules snat all packets created by this (squid) host, but
> everytime I connect to the internet *always* the first_adsl_ip
> is chosen. My company lan has about 150 pc that connect to
> the internet by this proxy, so I don't understand why *everytime*
> I open my browser and I connect to www.dnsstuff.com always the
> same ip is displayed. It isn't a cache problem because I reset them
> (both on squid and browser side).
>
> >> through the two adsl connections (I have patched the kernel
> >> with the equalize patch).
>
> > Which patch is this? I have used Julian Anastasov's patches
>
> Here is http://www.ussg.iu.edu/hypermail/linux/kernel/0203.2/1314.html
> However this is only for routing not for nat.
>
>
>
>
next prev parent reply other threads:[~2005-09-20 12:44 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-09-20 12:39 snat to multiple source ip Marco Berizzi
2005-09-20 12:44 ` Edmundo Carmona [this message]
2005-09-20 13:37 ` Marco Berizzi
2005-09-20 13:58 ` /dev/rob0
2005-09-20 14:24 ` Marco Berizzi
-- strict thread matches above, loose matches on Subject: below --
2005-09-20 19:00 Derick Anderson
2005-09-20 15:25 Harrison, Bruce (CXO)
2005-09-20 15:53 ` Marco Berizzi
2005-09-20 15:07 Derick Anderson
2005-09-20 15:16 ` Marco Berizzi
2005-09-20 15:24 ` Edmundo Carmona
2005-09-15 9:59 Marco Berizzi
2005-09-15 12:21 ` /dev/rob0
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=65aa6af905092005445b3940d4@mail.gmail.com \
--to=eantoranz@gmail.com \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox