Re: [LARTC] bridged packets redirection

2011-05-03 Thread Riccardo Penco 
> Hey guys
>
> [17:47] * Now talking in #lartc
> [17:47] * Topic is 'Linux Advanced Routing and Traffic Control.
> http://lartc.org/  State problem and wait, :)'
> [17:47] * Set by ChanServ!servi...@services.oftc.net on Mon Nov 09
> 10:21:28
> [17:47]  hey guys, have lost 3 full days if my life to this
> problem
> [17:48]  linux box, br0 consits of eth1 and eth2, ifconfig br
> $BR_IP
> [17:48]  another box has ip $BR_IP+1, but doesn't matter
> [17:49]  $BR_IP+1 sends traffic through br0, and i want port 80
> to be DNATed to $BR_IP.
> [17:50]  and I made iptables -t nat -I PREROUTING -m physdev
> --physdev-in eth1 -m mac --mac-source 00:0C:29:88:3F:BA -j DNAT --to
> $BR_IP
> [17:50]  traffic is matched, 'cause i'm doing -j ACCEPT instead
> and it's ok
> [17:51]  but with that DNAT rule i've got "connection refused" on
> my client bpx
> [17:51]  pls, help
>
> feel free to ask any clarify

Just a thought, did You made the corrisponding 'filter' rule?
Something like:

iptables -t filter -I FORWARD -m physdev --physdev-in eth1 -m mac
--mac-source 00:0C:29:88:3F:BA -j ACCEPT

Hope it helps
ciao
riki
___
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

[LARTC] bridged packets redirection

2010-11-07 Thread Виталий Цховребов 
Hey guys

[17:47] * Now talking in #lartc
[17:47] * Topic is 'Linux Advanced Routing and Traffic Control.  
http://lartc.org/  State problem and wait, :)'
[17:47] * Set by chanserv!servi...@services.oftc.net on Mon Nov 09 10:21:28
[17:47]  hey guys, have lost 3 full days if my life to this problem
[17:48]  linux box, br0 consits of eth1 and eth2, ifconfig br $BR_IP
[17:48]  another box has ip $BR_IP+1, but doesn't matter
[17:49]  $BR_IP+1 sends traffic through br0, and i want port 80 to be 
DNATed to $BR_IP.
[17:50]  and I made iptables -t nat -I PREROUTING -m physdev 
--physdev-in eth1 -m mac --mac-source 00:0C:29:88:3F:BA -j DNAT --to $BR_IP
[17:50]  traffic is matched, 'cause i'm doing -j ACCEPT instead and 
it's ok
[17:51]  but with that DNAT rule i've got "connection refused" on my 
client bpx
[17:51]  pls, help

feel free to ask any clarify

-- 
С уважением,
 Виталий  mailto:mitn...@yandex.ru

___
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc