This is a bit odd, and I'm really not quite sure what I'm doing wrong.

I'm trying to establish a mapping from public IPs on the RED net to internal
IPs on the ORANGE net as follows:

   173.160.184.66 => 192.168.1.11
   173.160.184.67 => 192.168.1.12

I've set up destination NAT rules for port 80 (HTTP) on both of these using
DNAT Policy "NAT". Traffic from the GREEN network that is directed to any of
these addresses (external or internal on either machine) seems to work fine.
Traffic from the RED NIC to the .67 IP gets translated as expected and works
fine. Traffic from the RED network to the .66 IP does not seem to get
translated.

In an attempt to figure out what is going on, I logged in to both the server
and the firewall and ran tcpdump against port 80. Traffic to the .67, which
forwards .67=>.12, works exactly as expected. I can see the traffic inbound
on the RED interface, and I can see the corresponding traffic inbound on the
network interface for the .12 machine on the ORANGE net. Traffic to the .66
can be seen arriving at the NIC on the RED interface, but never makes it to
the incoming NIC for the .11 machine. If I switch tcpdump over to look at
the ORANGE NIC, it's clear that the traffic is never making it out the NIC.

I've looked at the dnat/iptablesdnat file and also the output of iptables -L
-n and iptables -L -t nat -n. Both look plausible to me.

What else do I need to look at?
_______________________________________________
Efw-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/efw-user
