[lug] Iptables

Dan Ferris dan at usrsbin.com
Thu Aug 3 22:13:05 MDT 2006

No drops anywhere.  Same behavior with no rules at all in the FORWARD 
chain.  Even with a default policy of accept.

1:1 NAT is supposed to be simple and this sucks. :(

IP forwarding is enabled.


John Hernandez wrote:
> Also, you might want to double check that IP forwarding is enabled in
> the kernel.
> echo "1" > /proc/sys/net/ipv4/ip_forward
> Zan Lynx wrote:
>> You probably have a DROP rule somewhere, or as a chain default.  I
>> always put a LOG target just ahead of any DROP (at least at first until
>> I get tired of the spam) so that I can see what is happening.
>> You can see if DROPs are getting hit just by redirecting the iptables
>> output to a temporary file, then do some network traffic, then dump to
>> another temporary file, then diff the two files.
>> On Thu, 2006-08-03 at 15:20 -0600, Dan Ferris wrote:
>>> Hello list,
>>> I have the following in an iptables setup:
>> [snip]
>>> Of course, the issue is that NOTHING will NAT properly.  In fact, those 
>>> rules are NEVER hit at all.  I watch with a sniffer and I can see the 
>>> traffic come into the proper interfaces, but nothing ever happens.  This 
>>> problem is getting very confusing and frustrating, so any suggestions 
>>> would be appreciated.
>>> ------------------------------------------------------------------------
>>> _______________________________________________
>>> Web Page:  http://lug.boulder.co.us
>>> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>>> Join us on IRC: lug.boulder.co.us port=6667 channel=#colug

What do you call a guy with no legs who is waterskiing?


More information about the LUG mailing list