Questions tagged [masquerade]

77 questions
0 votes
1 answer

netperf + iptables masquerade -> network unreachable

Why iptables rules pass netperf TCP_STREAM test through, but break UDP_STREAM? I have a network: +---------------+ | | [client]--[NAT]--[server] On the NAT, I have added the following iptables rules: $ iptables -t nat…
Necto
  • 163
  • 7
0 votes
1 answer

iptables DNAT to external IP without masquerading does not work

On server 1.1.1.1: iptables -t nat -A PREROUTING -p tcp --dport 20000 -j DNAT --to-destination: 2.2.2.2:20000 iptables -t nat -A PREROUTING -p tcp --dport 20000 -j LOG --log-prefix pre20k iptables -t nat -A POSTROUTING -p tcp --dport 20000 -j LOG…
rlib
  • 195
  • 1
  • 1
  • 8
0 votes
1 answer

Keep source port for outgoing packets

I have 2 interfaces eth0(192.168.0.1) and eth1(10.1.1.15). And I do nat for all packets in this way. iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j MASQUERADE Now I want to keep source port for natted packets, like this: 192.168.0.1:8080 ->…
Islam Sabyrgaliyev
  • 127
  • 1
  • 1
  • 6
0 votes
0 answers

Simple MASQUERADE NAT between 2 VMs

I'm on a cloud service and I'm trying to set up NAT between two VMs. I've never experienced issues in this simple step, but this time is different and I'm close to giving up. The first VM had two interfaces: eth0 Link encap:Ethernet HWaddr…
JonSnow
  • 1
  • 1
0 votes
0 answers

NAT answers instead of remote host

Currently I have VPN client access set up on OpenSuSE 13.1 server to third-party remote Cisco VPN IPSec server. VPN Server is set up to provide access for a host only and to provide access for a local network I set up iptables NAT with…
Ilya
  • 101
0 votes
1 answer

Send an email from exim to another SMTP server stripping the local envelope

I manage a service that recently switched to AWS/EC2 but we have several IP addresses with great email reputation that we'd like to keep sending the email through. We've set up exim to be a satellite on the EC2 instances so that email sent with…
mpeters
  • 233
  • 2
  • 11
0 votes
2 answers

Iptables MASQUERADE: What is the advantage/disadvantage between these two commands?

What is the advantage/disadvantage between below 2 commands: iptables -t nat -A POSTROUTING -o eth0 -s 10.0.0.0/16 -j MASQUERADE AND iptables -t nat -A POSTROUTING -j MASQUERADE Some Background why this question has arisen: I had raised a question…
slayedbylucifer
  • 504
  • 3
  • 7
  • 24
0 votes
3 answers

CentOS masqueraded network with iptables clients not connecting: Unable to ping

I'm a novice sysadmin working on a system with a CentOS server masquerading traffic with client machines also running CentOS. Something with the tables got messed up and my clients no longer have internet connectivity. I'm trying to get ping…
Brandon Amos
  • 103
  • 3
0 votes
1 answer

Postfix mail server taken over by spammers following update of environment despite countermeasures

Long configured, stable Postfix mail server on internal system with greylisting, a long list of restrictions and real-time black-listing, reachable through a gateway / firewall via forwarded port worked fine inbound and outbound following the…
Richard T
  • 1,206
  • 12
  • 29
0 votes
1 answer

Configure IPTABLES to MASQUERADE traffic from a single host in lan and block other

Have a proxy server with squid installed. Want to configure iptables so as to allow a single IP in the LAN to access the internet directly without directing the traffic through squid. The following works to masquerade traffic but how to filter so that only…
Gr33n
  • 113
  • 5
0 votes
2 answers

Confusion Post FedoraCore Upgrade: NAT / port forwarding trouble, and POSTROUTING MASQUERADE has unexpected influence on forwarding ports

Following a gateway / firewall system's hardware failure, a younger version of Fedora Core (17) was installed on new hardware, and the old 'iptables' and system-config-firewall files from /etc/sysconfig were used (and nothing else). Old version of…
Richard T
  • 1,206
  • 12
  • 29
0 votes
1 answer

nftables masquerading is not working

I've a laptop (172.16.0.2) and a desktop PC (172.16.0.1). The phone is connected to the PC in USB modem mode, and it appears as the enp5s0f3u1 interface. I've set up masquerading through nftables so that the laptop can access the internet through…
BlitDev
  • 1
  • 2
0 votes
0 answers

strongSwan S2S VPN to Fortinet

I want to hide my locally hosted server behind a public VPS. So I established a VPN between my local firewall (Fortinet) and my VPS (strongSwan). The VPN is up but no traffic at all. Even in tcpdump I can't see any traffic coming from the tunnel…
0 votes
0 answers

iptables masquerade traffic from ip range to specific interface

I have an environment where I have multiple network interfaces: eth0 and vpn1. I am running docker which has an iptables masquerade rule to masquerade traffic from 172.17.0.0/16: -A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE The rule…
F21
  • 706
  • 3
  • 11
  • 20
0 votes
1 answer

Networking issue with Fedora Server 38 as a firewall / gateway

This environment has twins of virtually everything, including two web server / firewall / gateway systems, and they were getting long-in-the-tooth version wise, so I decided to upgrade from Fedora Server 30 to 38 on one of them. The idea was, of…
Richard T
  • 1,206
  • 12
  • 29