* NAT doesn't work (only a fraction of the forwarded packets reach the postrouting chain)
@ 2005-03-13 10:11 Mårten Segerkvist
2005-03-13 20:16 ` Jason Opperisano
0 siblings, 1 reply; 9+ messages in thread
From: Mårten Segerkvist @ 2005-03-13 10:11 UTC (permalink / raw)
To: netfilter
Hello!
I'm setting up a simple linux router to forward packets between my local wlan
and internet; while doing so, I'm using the _same rules_ as on another machine
doing the same thing at another location, that is:
echo 1 > /proc/sys/net/ipv4/ip_forward
modprobe ipt_MASQUERADE
modprobe iptable_filter
iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
iptables --append FORWARD --in-interface wlan0 -j ACCEPT
The packages from wlan never get through, though. A verbose listing of the
different chains after a few minutes of pinging varios location gives me:
> iptables -L -v
Chain INPUT (policy ACCEPT 6316 packets, 727K bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
314 12560 ACCEPT all -- wlan0 any anywhere anywhere
Chain OUTPUT (policy ACCEPT 4976 packets, 762K bytes)
pkts bytes target prot opt in out source destination
> iptables -t nat -L -v
Chain PREROUTING (policy ACCEPT 14 packets, 668 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 1 packets, 228 bytes)
pkts bytes target prot opt in out source destination
18 1080 MASQUERADE all -- any eth0 anywhere anywhere
0 0 LOG all -- any any anywhere anywhere LOG
level warning
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
As only 18 out of 314 (compared with 37959 out of 3836K packets on the working
router with the same rules) packets reaches the POSTROUTING chain (out of which
none results in a pong), i figured this might have something to do with the
problem?
I tried to log the packets reaching POSTROUTING with
> iptables -t nat -A POSTROUTING -j log
but none of them showed up in the syslog; that's a minor? problem though.
I'd be most grateful for any suggestions!
(iptables is compiled with the 2004.3 gentoo-ppc-livecd toolset against
2.6.8.1, running on a mac mini with a d-link dwl-122 802.11b dongle
using linux-wlan-ng).
/M. Segerkvist
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: NAT doesn't work (only a fraction of the forwarded packets reach the postrouting chain)
2005-03-13 10:11 NAT doesn't work (only a fraction of the forwarded packets reach the postrouting chain) Mårten Segerkvist
@ 2005-03-13 20:16 ` Jason Opperisano
0 siblings, 0 replies; 9+ messages in thread
From: Jason Opperisano @ 2005-03-13 20:16 UTC (permalink / raw)
To: netfilter
On Sun, 2005-03-13 at 05:11, MÃ¥rten Segerkvist wrote:
> I tried to log the packets reaching POSTROUTING with
>
> > iptables -t nat -A POSTROUTING -j log
>
> but none of them showed up in the syslog; that's a minor? problem though.
fixating on what does/doesn't get logged in NAT POSTROUTING is
counter-productive to the task at hand. if you wish to log POSTROUTING
packets for the purposes of troubleshooting, please do it in MANGLE:
iptables -t mangle -A POSTROUTING -j LOG --log-prefix "POSTROUTED: "
> I'd be most grateful for any suggestions!
the wire never lies:
run:
tcpdump -n -nn -p -i wlan0 icmp
and ping something.
run:
tcpdump -n -nn -p -i eth0 icmp
and ping something.
from looking at the counters, it looks like the packets are making it
out of the gateway, but not making it back to it for whatever reason...
-j
--
"Dear Mr. President, there are too many states nowadays, please
eliminate three. I am not a crackpot."
--The Simpsons
^ permalink raw reply [flat|nested] 9+ messages in thread
* RE: NAT doesn't work (only a fraction of the forwarded packets reach the postrouting chain)
2005-03-13 13:34 Sietse van Zanen
2005-03-13 15:01 ` Mohamed Eldesoky
@ 2005-03-13 15:27 ` Jose Maria Lopez Hernandez
1 sibling, 0 replies; 9+ messages in thread
From: Jose Maria Lopez Hernandez @ 2005-03-13 15:27 UTC (permalink / raw)
To: netfilter
El dom, 13-03-2005 a las 14:34 +0100, Sietse van Zanen escribió:
> Because netfilter is a stateful firewall basically.
> It logs the first per NEW and marks the latter as RELATED,ESTABLISHED.
>
> Only packets that match the NEW state will increment the counters. It counts how many connections have been set-up. Not how many packets belonging to a connection pass. These will be counted in a -j ACEEPT --state RELATED,ESTABLISHED rule, if present.
>
> You could bypass this by creating stateless rule, but that would defeat the purpose of a stateless firewall.
But you can use stateful rules to ACCEPT or DROP the packets and
also stateless rules to LOG the packets, or sending them before the
stateful rules ACCEPT of DROP them to a chain that contains RETURN
rules to get the counters.
This is what I do and it works quite well.
Regards.
--
Jose Maria Lopez Hernandez
Director Tecnico de bgSEC
jkerouac@bgsec.com
bgSEC Seguridad y Consultoria de Sistemas Informaticos
http://www.bgsec.com
ESPAÑA
The only people for me are the mad ones -- the ones who are mad to live,
mad to talk, mad to be saved, desirous of everything at the same time,
the ones who never yawn or say a commonplace thing, but burn, burn, burn
like fabulous yellow Roman candles.
-- Jack Kerouac, "On the Road"
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: NAT doesn't work (only a fraction of the forwarded packets reach the postrouting chain)
2005-03-13 13:34 Sietse van Zanen
@ 2005-03-13 15:01 ` Mohamed Eldesoky
2005-03-13 15:27 ` Jose Maria Lopez Hernandez
1 sibling, 0 replies; 9+ messages in thread
From: Mohamed Eldesoky @ 2005-03-13 15:01 UTC (permalink / raw)
To: Sietse van Zanen, netfilter
On Sun, 13 Mar 2005 14:34:52 +0100, Sietse van Zanen <sietse@wizdom.nu> wrote:
> Because netfilter is a stateful firewall basically.
> It logs the first per NEW and marks the latter as RELATED,ESTABLISHED.
>
But every new ping, is a new connection, not relate to the other ping !!!
It is not a ping-pong-ping-pong
It is ping-pong ping-pong
May be I am wrong !!!
> Only packets that match the NEW state will increment the counters. It counts how many connections have been set-up. Not how many packets belonging to a connection pass. These will be counted in a -j ACEEPT --state RELATED,ESTABLISHED rule, if present.
>
> You could bypass this by creating stateless rule, but that would defeat the purpose of a stateless firewall.
>
> -----Original Message-----
> From: Mohamed Eldesoky [mailto:eldesoky.lists@gmail.com]
> Sent: Sunday, March 13, 2005 2:21 PM
> To: Sietse van Zanen; netfilter
> Subject: Re: NAT doesn't work (only a fraction of the forwarded packets reach the postrouting chain)
>
> On Sun, 13 Mar 2005 13:14:31 +0100, Sietse van Zanen <sietse@wizdom.nu> wrote:
> > What do you see, when you tcpdump on your external interface? (tcpdump -I eth0). Can you see natted packets exiting that interface?
> >
> > The reason, that you only see 4 packets in the iptables -t nat -L is that if you fire off 10 pings, iptables will see the latter 9 as belonging to the same connection and therefor only logs 1.
>
> How come ???
>
> >
> > It might be as simple, that the host you are trying to ping is just unpingable.
> >
> > Specify some more info, like what you are trying to ping, traceroute -I output.
> >
> > -----Original Message-----
> > From: netfilter-bounces@lists.netfilter.org [mailto:netfilter-bounces@lists.netfilter.org] On Behalf Of Mårten Segerkvist
> > Sent: Sunday, March 13, 2005 1:01 PM
> > To: netfilter@lists.netfilter.org
> > Subject: RE: NAT doesn't work (only a fraction of the forwarded packets reach the postrouting chain)
> >
> > On Sun, 13 Mar 2005, Sietse van Zanen wrote:
> >
> > > From man iptables:
> > > MASQUERADE
> > > This target is only valid in the nat table, in the POSTROUTING chain.
> > > It should only be used with dynamically assigned IP (dialup)
> > > connections: if you have a static IP address, you should use the
> > > SNAT target.
> > >
> > > Try using regular SNAT rule:
> > >
> > > Iptables --table nat --append POSTROUTING --out-interface eth0 -j SNAT
> > > --to-source:your.pub.ip.addr
> > >
> >
> > Now using:
> >
> > echo 1 > /proc/sys/net/ipv4/ip_forward
> > modprobe ipt_MASQUERADE
> > modprobe iptable_filter
> > iptables --table nat --append POSTROUTING --out-interface eth0 -j SNAT \
> > --to-source 81.172.241.145
> > iptables --append FORWARD --in-interface eth1 -j ACCEPT
> >
> > This gives me the same result as previosly. What confuses me further is
> > that no packets seems to be accepted from the wlan-interface.
> >
> > > iptables -L -v
> >
> > Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
> > pkts bytes target prot opt in out source
> > destination
> > 125 5000 ACCEPT all -- wlan0 any anywhere
> > anywhere
> >
> > > iptables -t nat -L -v
> >
> > Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
> > pkts bytes target prot opt in out source
> > destination
> > 4 295 SNAT all -- any eth0 anywhere
> > anywhere to:<IP>
> >
> > As before, I'd be most grateful for any suggestions!
> >
> > /Mårten Segerkvist
> >
> >
>
> --
> Mohamed Eldesoky
> www.eldesoky.net
> RHCE
>
>
--
Mohamed Eldesoky
www.eldesoky.net
RHCE
^ permalink raw reply [flat|nested] 9+ messages in thread
* RE: NAT doesn't work (only a fraction of the forwarded packets reach the postrouting chain)
@ 2005-03-13 13:34 Sietse van Zanen
2005-03-13 15:01 ` Mohamed Eldesoky
2005-03-13 15:27 ` Jose Maria Lopez Hernandez
0 siblings, 2 replies; 9+ messages in thread
From: Sietse van Zanen @ 2005-03-13 13:34 UTC (permalink / raw)
To: netfilter
Because netfilter is a stateful firewall basically.
It logs the first per NEW and marks the latter as RELATED,ESTABLISHED.
Only packets that match the NEW state will increment the counters. It counts how many connections have been set-up. Not how many packets belonging to a connection pass. These will be counted in a -j ACEEPT --state RELATED,ESTABLISHED rule, if present.
You could bypass this by creating stateless rule, but that would defeat the purpose of a stateless firewall.
-----Original Message-----
From: Mohamed Eldesoky [mailto:eldesoky.lists@gmail.com]
Sent: Sunday, March 13, 2005 2:21 PM
To: Sietse van Zanen; netfilter
Subject: Re: NAT doesn't work (only a fraction of the forwarded packets reach the postrouting chain)
On Sun, 13 Mar 2005 13:14:31 +0100, Sietse van Zanen <sietse@wizdom.nu> wrote:
> What do you see, when you tcpdump on your external interface? (tcpdump -I eth0). Can you see natted packets exiting that interface?
>
> The reason, that you only see 4 packets in the iptables -t nat -L is that if you fire off 10 pings, iptables will see the latter 9 as belonging to the same connection and therefor only logs 1.
How come ???
>
> It might be as simple, that the host you are trying to ping is just unpingable.
>
> Specify some more info, like what you are trying to ping, traceroute -I output.
>
> -----Original Message-----
> From: netfilter-bounces@lists.netfilter.org [mailto:netfilter-bounces@lists.netfilter.org] On Behalf Of Mårten Segerkvist
> Sent: Sunday, March 13, 2005 1:01 PM
> To: netfilter@lists.netfilter.org
> Subject: RE: NAT doesn't work (only a fraction of the forwarded packets reach the postrouting chain)
>
> On Sun, 13 Mar 2005, Sietse van Zanen wrote:
>
> > From man iptables:
> > MASQUERADE
> > This target is only valid in the nat table, in the POSTROUTING chain.
> > It should only be used with dynamically assigned IP (dialup)
> > connections: if you have a static IP address, you should use the
> > SNAT target.
> >
> > Try using regular SNAT rule:
> >
> > Iptables --table nat --append POSTROUTING --out-interface eth0 -j SNAT
> > --to-source:your.pub.ip.addr
> >
>
> Now using:
>
> echo 1 > /proc/sys/net/ipv4/ip_forward
> modprobe ipt_MASQUERADE
> modprobe iptable_filter
> iptables --table nat --append POSTROUTING --out-interface eth0 -j SNAT \
> --to-source 81.172.241.145
> iptables --append FORWARD --in-interface eth1 -j ACCEPT
>
> This gives me the same result as previosly. What confuses me further is
> that no packets seems to be accepted from the wlan-interface.
>
> > iptables -L -v
>
> Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
> pkts bytes target prot opt in out source
> destination
> 125 5000 ACCEPT all -- wlan0 any anywhere
> anywhere
>
> > iptables -t nat -L -v
>
> Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
> pkts bytes target prot opt in out source
> destination
> 4 295 SNAT all -- any eth0 anywhere
> anywhere to:<IP>
>
> As before, I'd be most grateful for any suggestions!
>
> /Mårten Segerkvist
>
>
--
Mohamed Eldesoky
www.eldesoky.net
RHCE
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: NAT doesn't work (only a fraction of the forwarded packets reach the postrouting chain)
2005-03-13 12:14 Sietse van Zanen
@ 2005-03-13 13:20 ` Mohamed Eldesoky
0 siblings, 0 replies; 9+ messages in thread
From: Mohamed Eldesoky @ 2005-03-13 13:20 UTC (permalink / raw)
To: Sietse van Zanen, netfilter
On Sun, 13 Mar 2005 13:14:31 +0100, Sietse van Zanen <sietse@wizdom.nu> wrote:
> What do you see, when you tcpdump on your external interface? (tcpdump -I eth0). Can you see natted packets exiting that interface?
>
> The reason, that you only see 4 packets in the iptables -t nat -L is that if you fire off 10 pings, iptables will see the latter 9 as belonging to the same connection and therefor only logs 1.
How come ???
>
> It might be as simple, that the host you are trying to ping is just unpingable.
>
> Specify some more info, like what you are trying to ping, traceroute -I output.
>
> -----Original Message-----
> From: netfilter-bounces@lists.netfilter.org [mailto:netfilter-bounces@lists.netfilter.org] On Behalf Of Mårten Segerkvist
> Sent: Sunday, March 13, 2005 1:01 PM
> To: netfilter@lists.netfilter.org
> Subject: RE: NAT doesn't work (only a fraction of the forwarded packets reach the postrouting chain)
>
> On Sun, 13 Mar 2005, Sietse van Zanen wrote:
>
> > From man iptables:
> > MASQUERADE
> > This target is only valid in the nat table, in the POSTROUTING chain.
> > It should only be used with dynamically assigned IP (dialup)
> > connections: if you have a static IP address, you should use the
> > SNAT target.
> >
> > Try using regular SNAT rule:
> >
> > Iptables --table nat --append POSTROUTING --out-interface eth0 -j SNAT
> > --to-source:your.pub.ip.addr
> >
>
> Now using:
>
> echo 1 > /proc/sys/net/ipv4/ip_forward
> modprobe ipt_MASQUERADE
> modprobe iptable_filter
> iptables --table nat --append POSTROUTING --out-interface eth0 -j SNAT \
> --to-source 81.172.241.145
> iptables --append FORWARD --in-interface eth1 -j ACCEPT
>
> This gives me the same result as previosly. What confuses me further is
> that no packets seems to be accepted from the wlan-interface.
>
> > iptables -L -v
>
> Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
> pkts bytes target prot opt in out source
> destination
> 125 5000 ACCEPT all -- wlan0 any anywhere
> anywhere
>
> > iptables -t nat -L -v
>
> Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
> pkts bytes target prot opt in out source
> destination
> 4 295 SNAT all -- any eth0 anywhere
> anywhere to:<IP>
>
> As before, I'd be most grateful for any suggestions!
>
> /Mårten Segerkvist
>
>
--
Mohamed Eldesoky
www.eldesoky.net
RHCE
^ permalink raw reply [flat|nested] 9+ messages in thread
* RE: NAT doesn't work (only a fraction of the forwarded packets reach the postrouting chain)
@ 2005-03-13 12:14 Sietse van Zanen
2005-03-13 13:20 ` Mohamed Eldesoky
0 siblings, 1 reply; 9+ messages in thread
From: Sietse van Zanen @ 2005-03-13 12:14 UTC (permalink / raw)
To: netfilter
What do you see, when you tcpdump on your external interface? (tcpdump -I eth0). Can you see natted packets exiting that interface?
The reason, that you only see 4 packets in the iptables -t nat -L is that if you fire off 10 pings, iptables will see the latter 9 as belonging to the same connection and therefor only logs 1.
It might be as simple, that the host you are trying to ping is just unpingable.
Specify some more info, like what you are trying to ping, traceroute -I output.
-----Original Message-----
From: netfilter-bounces@lists.netfilter.org [mailto:netfilter-bounces@lists.netfilter.org] On Behalf Of Mårten Segerkvist
Sent: Sunday, March 13, 2005 1:01 PM
To: netfilter@lists.netfilter.org
Subject: RE: NAT doesn't work (only a fraction of the forwarded packets reach the postrouting chain)
On Sun, 13 Mar 2005, Sietse van Zanen wrote:
> From man iptables:
> MASQUERADE
> This target is only valid in the nat table, in the POSTROUTING chain.
> It should only be used with dynamically assigned IP (dialup)
> connections: if you have a static IP address, you should use the
> SNAT target.
>
> Try using regular SNAT rule:
>
> Iptables --table nat --append POSTROUTING --out-interface eth0 -j SNAT
> --to-source:your.pub.ip.addr
>
Now using:
echo 1 > /proc/sys/net/ipv4/ip_forward
modprobe ipt_MASQUERADE
modprobe iptable_filter
iptables --table nat --append POSTROUTING --out-interface eth0 -j SNAT \
--to-source 81.172.241.145
iptables --append FORWARD --in-interface eth1 -j ACCEPT
This gives me the same result as previosly. What confuses me further is
that no packets seems to be accepted from the wlan-interface.
> iptables -L -v
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
125 5000 ACCEPT all -- wlan0 any anywhere
anywhere
> iptables -t nat -L -v
Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
4 295 SNAT all -- any eth0 anywhere
anywhere to:<IP>
As before, I'd be most grateful for any suggestions!
/Mårten Segerkvist
^ permalink raw reply [flat|nested] 9+ messages in thread
* RE: NAT doesn't work (only a fraction of the forwarded packets reach the postrouting chain)
2005-03-13 10:41 Sietse van Zanen
@ 2005-03-13 12:01 ` Mårten Segerkvist
0 siblings, 0 replies; 9+ messages in thread
From: Mårten Segerkvist @ 2005-03-13 12:01 UTC (permalink / raw)
To: netfilter
On Sun, 13 Mar 2005, Sietse van Zanen wrote:
> From man iptables:
> MASQUERADE
> This target is only valid in the nat table, in the POSTROUTING chain.
> It should only be used with dynamically assigned IP (dialup)
> connections: if you have a static IP address, you should use the
> SNAT target.
>
> Try using regular SNAT rule:
>
> Iptables --table nat --append POSTROUTING --out-interface eth0 -j SNAT
> --to-source:your.pub.ip.addr
>
Now using:
echo 1 > /proc/sys/net/ipv4/ip_forward
modprobe ipt_MASQUERADE
modprobe iptable_filter
iptables --table nat --append POSTROUTING --out-interface eth0 -j SNAT \
--to-source 81.172.241.145
iptables --append FORWARD --in-interface eth1 -j ACCEPT
This gives me the same result as previosly. What confuses me further is
that no packets seems to be accepted from the wlan-interface.
> iptables -L -v
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
125 5000 ACCEPT all -- wlan0 any anywhere
anywhere
> iptables -t nat -L -v
Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
4 295 SNAT all -- any eth0 anywhere
anywhere to:<IP>
As before, I'd be most grateful for any suggestions!
/Mårten Segerkvist
^ permalink raw reply [flat|nested] 9+ messages in thread
* RE: NAT doesn't work (only a fraction of the forwarded packets reach the postrouting chain)
@ 2005-03-13 10:41 Sietse van Zanen
2005-03-13 12:01 ` Mårten Segerkvist
0 siblings, 1 reply; 9+ messages in thread
From: Sietse van Zanen @ 2005-03-13 10:41 UTC (permalink / raw)
To: netfilter
From man iptables:
MASQUERADE
This target is only valid in the nat table, in the POSTROUTING chain. It should only
be used with dynamically assigned IP (dialup) connections: if you have a static IP
address, you should use the SNAT target.
Try using regular SNAT rule:
Iptables --table nat --append POSTROUTING --out-interface eth0 -j SNAT --to-source:your.pub.ip.addr
-----Original Message-----
From: netfilter-bounces@lists.netfilter.org [mailto:netfilter-bounces@lists.netfilter.org] On Behalf Of Mårten Segerkvist
Sent: Sunday, March 13, 2005 11:11 AM
To: netfilter@lists.netfilter.org
Subject: NAT doesn't work (only a fraction of the forwarded packets reach the postrouting chain)
Hello!
I'm setting up a simple linux router to forward packets between my local wlan
and internet; while doing so, I'm using the _same rules_ as on another machine
doing the same thing at another location, that is:
echo 1 > /proc/sys/net/ipv4/ip_forward
modprobe ipt_MASQUERADE
modprobe iptable_filter
iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
iptables --append FORWARD --in-interface wlan0 -j ACCEPT
The packages from wlan never get through, though. A verbose listing of the
different chains after a few minutes of pinging varios location gives me:
> iptables -L -v
Chain INPUT (policy ACCEPT 6316 packets, 727K bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
314 12560 ACCEPT all -- wlan0 any anywhere anywhere
Chain OUTPUT (policy ACCEPT 4976 packets, 762K bytes)
pkts bytes target prot opt in out source destination
> iptables -t nat -L -v
Chain PREROUTING (policy ACCEPT 14 packets, 668 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 1 packets, 228 bytes)
pkts bytes target prot opt in out source destination
18 1080 MASQUERADE all -- any eth0 anywhere anywhere
0 0 LOG all -- any any anywhere anywhere LOG
level warning
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
As only 18 out of 314 (compared with 37959 out of 3836K packets on the working
router with the same rules) packets reaches the POSTROUTING chain (out of which
none results in a pong), i figured this might have something to do with the
problem?
I tried to log the packets reaching POSTROUTING with
> iptables -t nat -A POSTROUTING -j log
but none of them showed up in the syslog; that's a minor? problem though.
I'd be most grateful for any suggestions!
(iptables is compiled with the 2004.3 gentoo-ppc-livecd toolset against
2.6.8.1, running on a mac mini with a d-link dwl-122 802.11b dongle
using linux-wlan-ng).
/M. Segerkvist
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2005-03-13 20:16 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2005-03-13 10:11 NAT doesn't work (only a fraction of the forwarded packets reach the postrouting chain) Mårten Segerkvist
2005-03-13 20:16 ` Jason Opperisano
2005-03-13 10:41 Sietse van Zanen
2005-03-13 12:01 ` Mårten Segerkvist
2005-03-13 12:14 Sietse van Zanen
2005-03-13 13:20 ` Mohamed Eldesoky
2005-03-13 13:34 Sietse van Zanen
2005-03-13 15:01 ` Mohamed Eldesoky
2005-03-13 15:27 ` Jose Maria Lopez Hernandez
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.