[Firehol-support] masquerade vs. snat

Carlos Rodrigues carlos.efr at mail.telepac.pt
Sun Nov 6 14:44:57 GMT 2005


On 11/6/05, Costa Tsaousis <costa at tsaousis.gr> wrote:
> What you describe cannot be happening. Could you please check the packet
> counter in the output of
>
> iptables -nxvL -t nat
>
> or add a log parameter to you statement and check the logs for packets
> matching.
> If you don't have packets matching, the problem is elsewere...

Ok... I tried changing masquerade to snat again, and this time I was
determined to make it work. After 15 of looking at tcpdump output and
iptables logs I finally found the problem: a typo!!! The "gw_address"
variable (which is only used in this snat statement) had the wrong
address!

I hate it when this happens... :)

So, it works now. Thanks anyway.

--
Carlos Rodrigues




More information about the Firehol-support mailing list