Routing problem on a Masquerading Firewall
Martijn Jacobs
martijn at fourdigits.nl
Wed Oct 5 19:30:23 CEST 2005
Hello Guus.
>I suspect it is a firewall issue on host 50K. Can you send the output
>of "iptables -L -v -x -n" and "iptables -t nat -L -v -x -n"?
>
These are the outputs for both hosts :
50K :
50k:/home/martijn# iptables -L -v -x -n
Chain INPUT (policy ACCEPT 55004 packets, 7867251 bytes)
pkts bytes target prot opt in out
source destination
Chain FORWARD (policy ACCEPT 4 packets, 336 bytes)
pkts bytes target prot opt in out
source destination
Chain OUTPUT (policy ACCEPT 16770 packets, 4354458 bytes)
pkts bytes target prot opt in out
source destination
50k:/home/martijn# iptables -t nat -L -v -x -n
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out
source destination
Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out
source destination
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out
source destination
Oeoe (but I tried without):
oeoe:/home/martijn# iptables -L -v -x -n
Chain INPUT (policy ACCEPT 64179 packets, 12143420 bytes)
pkts bytes target prot opt in out
source destination
Chain FORWARD (policy ACCEPT 1 packets, 84 bytes)
pkts bytes target prot opt in out
source destination
0 0 ACCEPT tcp -- * *
0.0.0.0/0 0.0.0.0/0 tcp dpt:8890 state NEW,ESTABLISHED
0 0 ACCEPT all -- eth0 eth1
0.0.0.0/0 192.168.2.0/24
0 0 ACCEPT all -- eth1 eth0
192.168.2.0/24 0.0.0.0/0
231248 146076045 ACCEPT all -- eth0 eth1
0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
217283 91435384 ACCEPT all -- eth1 *
0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 66851 packets, 35604720 bytes)
pkts bytes target prot opt in out
source destination
oeoe:/home/martijn# iptables -t nat -L -v -x -n
Chain PREROUTING (policy ACCEPT 40246232 packets, 2368999301 bytes)
pkts bytes target prot opt in out
source destination
0 0 DNAT tcp -- * *
0.0.0.0/0 0.0.0.0/0 tcp dpt:8890 to:10.0.0.18:3389
Chain POSTROUTING (policy ACCEPT 3078454 packets, 232733571 bytes)
pkts bytes target prot opt in out
source destination
7870 384652 MASQUERADE tcp -- * eth0
0.0.0.0/0 0.0.0.0/0 tcp masq ports: 655
0 0 MASQUERADE all -- * eth0
10.0.0.2 0.0.0.0/0
0 0 MASQUERADE all -- * eth0
10.0.0.4 0.0.0.0/0
0 0 MASQUERADE all -- * eth0
10.0.0.11 0.0.0.0/0
0 0 MASQUERADE all -- * eth0
10.0.0.12 0.0.0.0/0
2604 158803 MASQUERADE all -- * eth0
10.0.0.13 0.0.0.0/0
0 0 MASQUERADE all -- * eth0
10.0.0.18 0.0.0.0/0
0 0 MASQUERADE all -- * eth0
10.0.0.30 0.0.0.0/0
0 0 MASQUERADE all -- * eth0
10.0.0.28 0.0.0.0/0
1303 84265 MASQUERADE all -- * eth0
10.0.0.14 0.0.0.0/0
0 0 MASQUERADE all -- * eth0
10.0.0.15 0.0.0.0/0
0 0 MASQUERADE all -- * eth0
10.0.0.16 0.0.0.0/0
0 0 MASQUERADE all -- * eth0
10.0.0.35 0.0.0.0/0
0 0 MASQUERADE all -- * eth0
10.0.0.38 0.0.0.0/0
0 0 MASQUERADE all -- * eth0
10.0.0.39 0.0.0.0/0
0 0 MASQUERADE all -- * eth0
10.0.0.20 0.0.0.0/0
43 7456 MASQUERADE all -- * eth0
10.0.0.21 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 1977499 packets, 151302593 bytes)
pkts bytes target prot opt in out
source destination
--
Martijn Jacobs
Four Digits, internet solutions
e-mail: martijn at fourdigits.nl | web: http://www.fourdigits.nl
tel: +31 (0)26 44 22 700 | fax: +31 (0)84 22 06 117
More information about the tinc
mailing list