[arch-general] iptables not working well?
Damjan Georgievski
gdamjan at gmail.com
Sun Jul 10 20:17:46 EDT 2011
>> If you have a static IP address on your ethernet card, you probably want to
>> use SNAT rather than MASQUERADE.
>>
>> Also, I find it odd that you are using MASQUERADE on traffic TO the ppp0
>> interface. Usually, ou MASQUERADE traffic FROM the ppp0 address. You might try
>> "-i" instead of "-o" in that rule and see if it makes a difference
>
> It's workin like I showed on a debian box. But I'll try of course.
I don't see the previous message in my mailbox, but… he is wrong.
The correct way is -o ppp0, you want to MASQUERADE everything that
goes out of your internet facing interface.
--
damjan
More information about the arch-general
mailing list