hi,

i have a linux-router under kernel 2.4.18 using netfilter. the router has three devices:

    ppp0: dynamic (213.20.227.80 for now) p to the internet via dsl
    eth0: 192.168.1.1 internal 100baseT (net 192.168.1.0/24)
    eth1: 192.168.1.2 internal wavelan (net 192.168.2.0/24)

i set up the following rules for some dnat/snat:

    iptables -n -L -t nat
    Chain PREROUTING (policy ACCEPT)
    target     prot opt source               destination
    DNAT       udp  --  0.0.0.0/0            213.20.227.80      udp dpt:6114 to:192.168.1.32:6112
    DNAT       udp  --  0.0.0.0/0            213.20.227.80      udp dpt:6112 to:192.168.2.32:6112
    REDIRECT   tcp  --  192.168.0.0/16      !192.168.0.0/16     tcp dpt:80 redir ports 3128

    Chain POSTROUTING (policy ACCEPT)
    target     prot opt source               destination
    SNAT       udp  --  192.168.1.32         0.0.0.0/0          udp spt:6112 to:213.20.227.80:6114
    SNAT       udp  --  192.168.2.32         0.0.0.0/0          udp spt:6112 to:213.20.227.80:6112
    MASQUERADE all  --  192.168.0.0/16      !192.168.0.0/16

    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination

the ports 6112 and 6114 are for playing on battle.net with more than one computer.

but there is a strange problem. tcpdump shows me the following:

    tcpdump -n -p -i eth1 udp
    14:24:30.125739 192.168.2.32.6112 > 213.20.227.80.6114: udp 17
    14:24:30.195123 213.20.227.80.6114 > 192.168.2.32.6112: udp 17

    tcpdump -n -p -i eth0 udp
    14:24:30.125802 192.168.2.32.6112 > 192.168.1.32.6112: udp 17
    14:24:30.195083 192.168.1.32.6112 > 192.168.2.32.6112: udp 17

so on eth1 all is ok. the source is changed for the host on 192.168.2.32. but why is this not done on eth0? should be the same or not? the problem is, that the host on 192.168.2.32 answers to the ip/port where the other udp-packet comes from.

any ideas?

volker

-- 
Volker Widor - Krausstr. 13 - D-24118 Kiel
Fon.: +49 431 2216345 Mobil: +49 179 1342137
http://widor.de
