Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: iptables : How to apply masquerade while pinging from DUT to outside network
Top Forums UNIX for Beginners Questions & Answers iptables : How to apply masquerade while pinging from DUT to outside network Post 303034785 by slathigara on Monday 6th of May 2019 06:52:25 AM
Old 05-06-2019
iptables : How to apply masquerade while pinging from DUT to outside network
My Device is connected to eth1 interface of the host and eth0 is connected to network.
Now when I am pinging google.com from device after executing below commands on host
Code:
sudo iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE 
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

I am seeing in wireshark at eth0, that during ping request source ip changes from DUT ip to host ip (i.e eth0 ip)
but that does not happen while ping reply , destination IP remains host IP only.
Why does it not show DUT ip as destination IP , Technically my final destination is DUT

For example:
Code:
host IP is x.x.x.x
DUT ip is y.y.y.y
pinging from x.x.x.x

on wireshark:
Code:
ping request  x.x.x.x to google.com -----> this I understood that it is due to masquerading and NAT
ping reply google.com to y.y.y.y expected but I see google.com to x.x.x.x   -----> why no Masquerading here?

 

9 More Discussions You Might Find Interesting

1. IP Networking

Ftp'ing thru a Iptables NAT Masquerade

Greetings to all. My new firewall is giving me one hell of a problem. I'm running iptables and masquerading my intranet thru NAT. But here is the problem. Whenever I try to FTP to a server outside of my lan I get a 500 illegal port error. I've come to the conclusion that NAT is... (2 Replies)
Discussion started by: phrater
2 Replies

2. IP Networking

iptables: log connection after SNAT/MASQUERADE command

Hello! I have the following problem with iptables in Debian 6: My server works as a router and it needs to log server external IP+port for all outgoing connections. But after command SNAT or MASQUERADE traffic is "lost". I mean no following rules can catch those traffic. Everything looks... (0 Replies)
Discussion started by: unlimited
0 Replies

3. UNIX for Dummies Questions & Answers

Sendmail masquerade

Hi, Please tell me what is sendmail masquarade and what is the use of it? Its pretty confusing :eek:.. Is it all about like when mail is sent from sender to receiver, the receiver cannot see the hostname/internal username of sender.. And I found they constitute various classes like class... (0 Replies)
Discussion started by: Priya Amaresh
0 Replies

4. AIX

Sendmail masquerade

I'm trying to configure sendmail masquerading and it seems like I'm having a problem with m4. My main problem is that internally generated emails are showing up externally as originating from: internal_user@internal1.mydomain.com. internal1.mydomain.com doesn't resolve publicly, nor should it.... (1 Reply)
Discussion started by: aix_user1
1 Replies

5. Red Hat

iptables Rules for my network

Hi Champs i am new in Iptables and trying to write rules for my Samba server.I took some help from internet, created one script and run from rc.local : #Allow loopback iptables -I INPUT -i lo -j ACCEPT # Accept packets from Trusted network iptables -A INPUT -s my-network/subnet -j... (0 Replies)
Discussion started by: Vaibhav.T
0 Replies

6. UNIX for Advanced & Expert Users

Https connection to UNIX DUT failing

HI !! I have this setup where I have Windows machine and a UNIX based DUT . I try to make a https connection from my Win to the DUT giving its IP. But,it is not working (It should do). What do u think the problem is ?? I checked the logs , they flag some writesocket:broken pipe error in... (1 Reply)
Discussion started by: leghorn
1 Replies

7. IP Networking

iptables nat/masquerade - how to act as a basic firewall?

edit: SOLVED - see below for solution Hi there, I've inherited a gob of Linux hosts and so am learning linux from the bottom of the deep end of the pool (gotta say I'm warming up to Linux though - it's not half bad) Right now iptables is confusing me and I could use some pointers as to how... (0 Replies)
Discussion started by: Smiling Dragon
0 Replies

8. UNIX for Dummies Questions & Answers

Nullmailer masquerade domain

I am using nullmailer on Ubuntu Linux to relay mails however when I send email or through cron it appear as root@myhostname.domain.com instead of root@domain.com How do I configure nullmailer so the email send appear as from root@domain.com? (0 Replies)
Discussion started by: hassan1
0 Replies

9. UNIX for Dummies Questions & Answers

iptables conditional masquerade

Hi everyone, I have a LAN with : 1 internet box (192.168.1.1) 1 Debian host (192.168.1.224) 3 Windows hosts (192.168.1.32/33/34) The internet box is set to route all incoming traffic to the Debian host (DMZ). Then the Debian host is set to accept certain packets and forward others... (0 Replies)
Discussion started by: chebarbudo
0 Replies

LEARN ABOUT DEBIAN

ocf_pacemaker_ping

OCF_PACEMAKER_PING(7)					      Pacemaker Configuration					     OCF_PACEMAKER_PING(7)

NAME

       ocf_pacemaker_ping - node connectivity

SYNOPSIS

       [OCF_RESKEY_pidfile=string] [OCF_RESKEY_dampen=integer] [OCF_RESKEY_name=string] [OCF_RESKEY_multiplier=integer]
       [OCF_RESKEY_host_list=string] [OCF_RESKEY_attempts=integer] [OCF_RESKEY_timeout=integer] [OCF_RESKEY_options=string]
       [OCF_RESKEY_debug=string]

       ping [start | stop | reload | monitor | meta-data | validate-all]

DESCRIPTION

       Every time the monitor action is run, this resource agent records (in the CIB) the current number of ping nodes the host can connect to. It
       is essentially the same as pingd except that it uses the system ping tool to obtain the results.

SUPPORTED PARAMETERS

       OCF_RESKEY_pidfile = string [/ping-]
	   PID file

       OCF_RESKEY_dampen = integer [5s]
	   Dampening interval

	   The time to wait (dampening) further changes occur

       OCF_RESKEY_name = string [pingd]
	   Attribute name

	   The name of the attributes to set. This is the name to be used in the constraints.

       OCF_RESKEY_multiplier = integer []
	   Value multiplier

	   The number by which to multiply the number of connected ping nodes by

       OCF_RESKEY_host_list = string []
	   Host list

	   The list of ping nodes to count.

       OCF_RESKEY_attempts = integer [2]
	   no. of ping attempts

	   Number of ping attempts, per host, before declaring it dead

       OCF_RESKEY_timeout = integer [2]
	   ping timeout in seconds

	   How long, in seconds, to wait before declaring a ping lost

       OCF_RESKEY_options = string []
	   Extra Options

	   A catch all for any other options that need to be passed to ping.

       OCF_RESKEY_debug = string [false]
	   Verbose logging

	   Enables to use default attrd_updater verbose logging on every call.

AUTHOR

       Andrew Beekhof <andrew@beekhof.net>
	   Author.

Pacemaker Configuration 					    04/17/2012						     OCF_PACEMAKER_PING(7)
All times are GMT -4. The time now is 10:55 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy