satellite+ route by port (from local process), part_2

To: debian-russian@lists.debian.org
Subject: satellite+ route by port (from local process), part_2
From: devi <unxdebian@yandex.ru>
Date: Fri, 23 Jul 2004 12:27:02 +0400
Message-id: <[🔎] 44159869531.20040723122702@yandex.ru>
Reply-to: devi <unxdebian@yandex.ru>

Здравствуйте, debian-russian.

уже ради интереса *) ... вопрос решился, но скажем таки - очень криво.
при помощи ROUTE из p-o-m перекидываю smtp на ppp0 (pppoe adsl), но
с какой стати в логах появляется строка вот такого подобия.

Jul    23   12:20:30   gate   kernel:   netfilter   >   IN=   OUT=gre1
SRC=192.168.2.249  DST=62.118.249.10  LEN=44 TOS=0x10 PREC=0x00 TTL=64
ID=50070  DF  PROTO=TCP  SPT=32795 DPT=25 WINDOW=5712 RES=0x00 CWR ECE
SYN URGP=0

то есть идем на smtp.ru:25, но почему-то ЧЕРЕЗ gre1 (ip_tunnel to
sattelite) если фактически должены выходить через ppp0?

далее пример iptables-save. может кто подскажет где ошибся\что
пропустил?

# Generated by iptables-save v1.2.9 on Fri Jul 23 12:09:18 2004
*nat
:PREROUTING ACCEPT [11:830]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
[0:0] -A POSTROUTING -p tcp -m tcp --dport 25 -j LOG --log-prefix " netfilter > "
[0:0] -A POSTROUTING -s 192.168.3.0/255.255.255.0 -d ! 192.168.3.0/255.255.255.0 -o ppp0 -j SNAT --to-source 213.27.20.57 
[0:0] -A POSTROUTING -s 192.168.3.0/255.255.255.0 -d ! 192.168.3.0/255.255.255.0 -o gre1 -j SNAT --to-source 192.168.2.249
[0:0] -A POSTROUTING -s 192.168.2.249 -d ! 192.168.3.0/255.255.255.0 -p tcp --dport 25 -o gre1 -j SNAT --to-source 213.27.20.57 
COMMIT
# Completed on Fri Jul 23 12:09:18 2004
# Generated by iptables-save v1.2.9 on Fri Jul 23 12:09:18 2004
*mangle
:PREROUTING ACCEPT [179:16234]
:INPUT ACCEPT [168:15404]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [235:14424]
:POSTROUTING ACCEPT [235:14424]
[0:0] -A PREROUTING -d ! 192.168.3.0/255.255.255.0 -p tcp -m tcp --dport 25 -j MARK --set-mark 0x1 
[0:0] -A PREROUTING -d 80.80.111.244 -j MARK --set-mark 0x1 
[0:0] -A PREROUTING -d 80.80.111.254 -j MARK --set-mark 0x1 
[0:0] -A PREROUTING -i dvb0_0 -j ULOG 
[0:0] -A POSTROUTING -p tcp -m tcp --dport 25 -j ROUTE --oif ppp0 --continue
COMMIT
# Completed on Fri Jul 23 12:09:18 2004
# Generated by iptables-save v1.2.9 on Fri Jul 23 12:09:18 2004
*filter
:INPUT ACCEPT [168:15404]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [235:14424]
[0:0] -A FORWARD -s 192.168.3.101 -d ! 192.168.3.0/255.255.255.0 -i eth1 -j ACCEPT 
[0:0] -A FORWARD -s ! 192.168.3.0/255.255.255.0 -d 192.168.3.101 -o eth1 -j ACCEPT 
COMMIT
# Completed on Fri Jul 23 12:09:18 2004

-- 
С уважением,
 devi                          mailto:unxdebian@yandex.ru

Reply to:

Prev by Date: Re: Загрузка a'la redhat/mdk [JT]
Next by Date: Re: satellite+ route by port (from local process)
Previous by thread: Re: satellite+ route by port (from local process)
Next by thread: Спешу похвастать. soekris net4501 в строю
Index(es):
- Date
- Thread