[tproxy] Fwd: Tproxy changes for performing dual NAT

Arun S hi2arun at gmail.com
Tue Oct 30 11:32:11 CET 2007


Attila,

FYI, routing doesn't happen only for packets with foreign source address.

Thank you for the help :)

On 30/10/2007, Tóth László Attila <panther at elte.hu> wrote:
>
> On 2007.10.30., at 11:05, Arun S wrote:
>
> > On 30/10/2007, Tóth László Attila <panther at elte.hu> wrote:
> >> Hello,
> >>
> >> On 2007.10.30., at 10:29, Arun S wrote:
> >>
> >> -   spoof.sin_addr.s_addr = client.sin_addr.s_addr;
> >> +  spoof.sin_addr.s_addr = inet_addr ("95.75.75.104");
> >
> > Yes. I already tested this out and as you said, it is fine :)
> >
> >>
> >> Hm, did you set the INPUT policy to ACCEPT  the incoming connections?
> >> I ask it beacuse  you didn't send the output of iptables -L.
> >>
> >>
> >> For instance the following is enough:
> >> (iptables -F)
> >> iptables -P INPUT DROP
> >> iptables -A INPUT -m mark --fwmark 1 -j ACCEPT
> >
> > Well... all my policies are set to ACCEPT. So I don't think this is
> > causing trouble,
>
>
> Hm, it seems I'm right: the routing doesn't work if the SNAT is used.
> It requires some debugging (by me), I can do this only next week.
> --
> Attila


-- 
Regards,
Arun S.


More information about the tproxy mailing list