[tproxy] Fwd: Tproxy changes for performing dual NAT

Tóth László Attila panther at elte.hu
Tue Oct 30 11:21:35 CET 2007


On 2007.10.30., at 11:05, Arun S wrote:

> On 30/10/2007, Tóth László Attila <panther at elte.hu> wrote:
>> Hello,
>>
>> On 2007.10.30., at 10:29, Arun S wrote:
>>
>> -   spoof.sin_addr.s_addr = client.sin_addr.s_addr;
>> +  spoof.sin_addr.s_addr = inet_addr ("95.75.75.104");
>
> Yes. I already tested this out and as you said, it is fine :)
>
>>
>> Hm, did you set the INPUT policy to ACCEPT  the incoming connections?
>> I ask it beacuse  you didn't send the output of iptables -L.
>>
>>
>> For instance the following is enough:
>> (iptables -F)
>> iptables -P INPUT DROP
>> iptables -A INPUT -m mark --fwmark 1 -j ACCEPT
>
> Well... all my policies are set to ACCEPT. So I don't think this is
> causing trouble,


Hm, it seems I'm right: the routing doesn't work if the SNAT is used.  
It requires some debugging (by me), I can do this only next week.
--
Attila


More information about the tproxy mailing list