blu3bird
Retired Dev
Joined: 04 Oct 2003
Posts: 614
Location: Munich, Germany
|
 Posted: Mon Oct 02, 2006 5:39 pm Post subject: Masquerading not working proberly |
 |
|
Hi,
I'm having some problems with nat. In general it works but 3 webservers(i know so far) do not work.
The webbrowser(firefox,opera,links,lxny...) just hangs...
www.dlink.de, thepiratebay.org, www.whatismyip.com
my gateway: 10.136.137.1
my pc: 10.136.137.7
I'm executing "links thepiratebay.org". It works on the gateway, but not in the client(hangs at "Request sent")
iptables-log when executing on gateway:
| Code: | Oct 2 19:19:42 [kernel] IN=ppp0 OUT= MAC= SRC=83.140.176.146 DST=82.135.76.42 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=0 DF PROTO=TCP SPT=80 DPT=52500 WINDOW=5792 RES=0x00 ACK SYN URGP=0
Oct 2 19:19:42 [kernel] IN=ppp0 OUT= MAC= SRC=83.140.176.146 DST=82.135.76.42 LEN=52 TOS=0x00 PREC=0x00 TTL=49 ID=24615 DF PROTO=TCP SPT=80 DPT=52500 WINDOW=55 RES=0x00 ACK URGP=0
Oct 2 19:19:42 [kernel] IN=ppp0 OUT= MAC= SRC=83.140.176.146 DST=82.135.76.42 LEN=1492 TOS=0x00 PREC=0x00 TTL=49 ID=24616 DF PROTO=TCP SPT=80 DPT=52500 WINDOW=55 RES=0x00 ACK URGP=0
Oct 2 19:19:42 [kernel] IN=ppp0 OUT= MAC= SRC=83.140.176.146 DST=82.135.76.42 LEN=1492 TOS=0x00 PREC=0x00 TTL=49 ID=24617 DF PROTO=TCP SPT=80 DPT=52500 WINDOW=55 RES=0x00 ACK URGP=0
Oct 2 19:19:42 [kernel] IN=ppp0 OUT= MAC= SRC=83.140.176.146 DST=82.135.76.42 LEN=1492 TOS=0x00 PREC=0x00 TTL=49 ID=24618 DF PROTO=TCP SPT=80 DPT=52500 WINDOW=55 RES=0x00 ACK URGP=0
Oct 2 19:19:42 [kernel] IN=ppp0 OUT= MAC= SRC=83.140.176.146 DST=82.135.76.42 LEN=1491 TOS=0x00 PREC=0x00 TTL=49 ID=24619 DF PROTO=TCP SPT=80 DPT=52500 WINDOW=55 RES=0x00 ACK PSH FIN URGP=0
Oct 2 19:19:42 [kernel] IN=ppp0 OUT= MAC= SRC=83.140.176.146 DST=82.135.76.42 LEN=52 TOS=0x00 PREC=0x00 TTL=49 ID=24620 DF PROTO=TCP SPT=80 DPT=52500 WINDOW=55 RES=0x00 ACK URGP=0 |
when executing on the client(doesn't work):
| Code: | Oct 2 19:18:32 [kernel] IN=eth0 OUT=ppp0 SRC=10.136.137.7 DST=83.140.176.146 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=5604 DF PROTO=TCP SPT=64212 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Oct 2 19:18:32 [kernel] IN=ppp0 OUT=eth0 SRC=83.140.176.146 DST=10.136.137.7 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=0 DF PROTO=TCP SPT=80 DPT=64212 WINDOW=5792 RES=0x00 ACK SYN URGP=0
Oct 2 19:18:32 [kernel] IN=eth0 OUT=ppp0 SRC=10.136.137.7 DST=83.140.176.146 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=5605 DF PROTO=TCP SPT=64212 DPT=80 WINDOW=92 RES=0x00 ACK URGP=0
Oct 2 19:18:32 [kernel] IN=eth0 OUT=ppp0 SRC=10.136.137.7 DST=83.140.176.146 LEN=617 TOS=0x00 PREC=0x00 TTL=127 ID=5606 DF PROTO=TCP SPT=64212 DPT=80 WINDOW=92 RES=0x00 ACK PSH URGP=0
Oct 2 19:18:32 [kernel] IN=ppp0 OUT=eth0 SRC=83.140.176.146 DST=10.136.137.7 LEN=52 TOS=0x00 PREC=0x00 TTL=48 ID=64577 DF PROTO=TCP SPT=80 DPT=64212 WINDOW=55 RES=0x00 ACK URGP=0
Oct 2 19:18:32 [kernel] IN=ppp0 OUT=eth0 SRC=83.140.176.146 DST=10.136.137.7 LEN=1467 TOS=0x00 PREC=0x00 TTL=48 ID=64581 DF PROTO=TCP SPT=80 DPT=64212 WINDOW=55 RES=0x00 ACK PSH FIN URGP=0
Oct 2 19:18:32 [kernel] IN=eth0 OUT=ppp0 SRC=10.136.137.7 DST=83.140.176.146 LEN=64 TOS=0x00 PREC=0x00 TTL=127 ID=5607 DF PROTO=TCP SPT=64212 DPT=80 WINDOW=92 RES=0x00 ACK URGP=0 |
EVerything else works fine, eg downloading distfiles.
net.ipv4.ip_forward is set to 1
net.ipv4.ip_dynaddr ist set to 1
only iptables rule I'v go:
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
ANy ideas?
_________________
Black Holes are created when God divides by zero! |
|
Networking & Security
