
iptables masquerading



(my fav linux list is missing in action... so I'm trying here)

What am I doing wrong.... :-)

 ifconfig tap0 192.168.1.1 netmask 255.255.255.0 up
 iptables -A FORWARD -i eth0 -o tap0 -m state --state ESTABLISHED,RELATED -j ACCEPT;
 iptables -A FORWARD -i tap0 -o eth0 -j ACCEPT;
 iptables -t nat -A POSTROUTING -s 192.168.1.0 -o eth0 -j MASQUERADE;

From a PC at 192.168.1.2 I can ping 192.168.1.1 over the vpn
(OpenVPN), but when I try to ping/telnet through the vpn I get
nowhere. When doing the following from 192.168.1.2:

   telnet www.testing.com 80


on 192.168.1.1 I see this:

  $ tcpdump -i any host www.testing.com
  tcpdump: WARNING: Promiscuous mode not supported on the "any" device
  tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
  listening on any, link-type LINUX_SLL (Linux cooked), capture size 96 bytes
  00:12:49.535229 arp who-has papyrus.kattare.com tell 192.168.1.2
  00:12:50.535768 arp who-has papyrus.kattare.com tell 192.168.1.2
  00:12:51.535862 arp who-has papyrus.kattare.com tell 192.168.1.2

BTW, papyrus.kattare.com is aka www.testing.com

Tia,

-- 

-Jim P.
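
The POSTROUTING rule in the post gives -s 192.168.1.0 with no mask, and iptables reads a source address without a mask as a single host (/32). The sketch below is an added example, not part of the original post: it models that matching in plain shell for the two addresses the post mentions. The helper names ip_to_int and src_matches are hypothetical.

```sh
#!/bin/sh
# Added example (not from the original post): models how iptables
# interprets "-s address[/prefix]". A spec with no prefix is one host (/32).
# Only prefix-length masks are handled here, not dotted netmasks.

# ip_to_int A.B.C.D : print the address as a 32-bit integer
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1            # split the dotted quad into $1..$4
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# src_matches SPEC ADDR : succeed if ADDR would match "-s SPEC"
src_matches() {
    spec=$1; addr=$2
    case $spec in
        */*) net=${spec%/*}; bits=${spec#*/} ;;
        *)   net=$spec; bits=32 ;;      # no mask given: treated as /32
    esac
    if [ "$bits" -eq 0 ]; then
        mask=0
    else
        mask=$(( (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF ))
    fi
    [ $(( $(ip_to_int "$net") & mask )) -eq $(( $(ip_to_int "$addr") & mask )) ]
}

# Addresses from the post: the VPN client and the tap0 address of the gateway.
for spec in 192.168.1.0 192.168.1.0/24; do
    for addr in 192.168.1.2 192.168.1.1; do
        if src_matches "$spec" "$addr"; then verdict=MASQUERADE
        else verdict="no match"; fi
        echo "-s $spec  src=$addr  ->  $verdict"
    done
done
```

With the bare address, traffic sourced from 192.168.1.2 does not match the NAT rule; with 192.168.1.0/24 it does.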

