| View previous topic :: View next topic |
| Author |
Message |
dalamar
Tux's lil' helper
Joined: 13 Mar 2004
Posts: 110
|
 Posted: Fri Mar 21, 2008 9:21 am Post subject: Nat |
 |
|
I've got problems to configure NAT on my PC.
I did:
| Code: |
# iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
# echo 1 > /proc/sys/net/ipv4/ip_forward
|
wlan0 was the external interface.
But when I ping from a virtual machine inside my PC to my notebook, I see (on my notebook) packets from virtual machine IP and not from wlan0 IP.
So ping fails.
Any suggestion?
TIA,
Dalamar |
|
| Back to top |
|
 |
xtz
Apprentice
Joined: 29 Oct 2007
Posts: 181
Location: Singapore
|
| Posted: Fri Mar 21, 2008 10:10 am Post subject: |
|
|
| MASQUERADE is deprecated. Why not use SNAT? |
|
| Back to top |
|
|
dalamar
Tux's lil' helper
Joined: 13 Mar 2004
Posts: 110
|
| Posted: Fri Mar 21, 2008 10:47 am Post subject: |
|
|
| xtz wrote: | | MASQUERADE is deprecated. Why not use SNAT? |
I tried SNAT too without success.
If SNAT is standard now, I'll try again and then post more details.
Thanks,
Dalamar |
|
| Back to top |
|
|
Zhaozhou
Tux's lil' helper
Joined: 25 Oct 2007
Posts: 121
Location: Sweden
|
| Posted: Fri Mar 21, 2008 1:57 pm Post subject: |
|
|
| xtz wrote: | | MASQUERADE is deprecated. Why not use SNAT? |
Depricated? How so? What if one has DHCP-assigned address? DHCP is'nt depricaded, is it?
_________________
lunix. |
|
| Back to top |
|
|
xtz
Apprentice
Joined: 29 Oct 2007
Posts: 181
Location: Singapore
|
| Posted: Sat Mar 22, 2008 9:28 am Post subject: |
|
|
 |
|
| Back to top |
|
|
dalamar
Tux's lil' helper
Joined: 13 Mar 2004
Posts: 110
|
| Posted: Wed Mar 26, 2008 7:57 pm Post subject: |
|
|
| dalamar wrote: | | xtz wrote: | | MASQUERADE is deprecated. Why not use SNAT? |
I tried SNAT too without success.
If SNAT is standard now, I'll try again and then post more details.
|
I tried SNAT too.
This time ICMP packets from 10.0.0.2 (xen domU) to 192.168.1.2 reach xenbr0 but not wlan0.
Any ideas?
This is my config:
| Code: |
# ifconfig
dummy0 Link encap:Ethernet HWaddr 9A:DF:FE:15:5C:ED
inet addr:10.0.0.1 Bcast:10.0.0.255 Mask:255.255.255.0
inet6 addr: fe80::98df:feff:fe15:5ced/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1424 errors:0 dropped:0 overruns:0 frame:0
TX packets:252 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:136043 (132.8 Kb) TX bytes:22924 (22.3 Kb)
eth0 Link encap:Ethernet HWaddr 00:1B:FC:CF:EE:82
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Interrupt:23 Base address:0x4000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:216 errors:0 dropped:0 overruns:0 frame:0
TX packets:216 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:25104 (24.5 Kb) TX bytes:25104 (24.5 Kb)
pdummy0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:39 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:4757 (4.6 Kb)
vif0.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:252 errors:0 dropped:0 overruns:0 frame:0
TX packets:1424 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:22924 (22.3 Kb) TX bytes:136043 (132.8 Kb)
vif1.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1424 errors:0 dropped:0 overruns:0 frame:0
TX packets:248 errors:0 dropped:3 overruns:0 carrier:0
collisions:0 txqueuelen:32
RX bytes:116107 (113.3 Kb) TX bytes:22576 (22.0 Kb)
wlan0 Link encap:Ethernet HWaddr 00:1B:11:09:A6:17
inet addr:192.168.1.3 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::21b:11ff:fe09:a617/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:865580 errors:0 dropped:537 overruns:537 frame:537
TX packets:542987 errors:0 dropped:2750 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:274931014 (262.1 Mb) TX bytes:51364104 (48.9 Mb)
xenbr0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:136 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:11683 (11.4 Kb) TX bytes:0 (0.0 b)
#brctl show
bridge name bridge id STP enabled interfaces
xenbr0 8000.feffffffffff no vif0.0
pdummy0
vif1.0
# iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -j SNAT --to 192.168.1.3
# cat /proc/sys/net/ipv4/ip_forward
1
# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- 10.0.0.2 anywhere PHYSDEV match --physdev-in vif1.0
ACCEPT udp -- anywhere anywhere PHYSDEV match --physdev-in vif1.0 udp spt:bootpc dpt:bootps
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
# iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
SNAT all -- 10.0.0.0/24 anywhere to:192.168.1.3
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
|
TIA,
Dalamar |
|
| Back to top |
|
|
dalamar
Tux's lil' helper
Joined: 13 Mar 2004
Posts: 110
|
|
| Back to top |
|
|
|
Networking & Security
