Sponsored Content
Top Forums UNIX for Beginners Questions & Answers iptables : How to apply masquerade while pinging from DUT to outside network Post 303034785 by slathigara on Monday 6th of May 2019 06:52:25 AM
Old 05-06-2019
iptables : How to apply masquerade while pinging from DUT to outside network

My Device is connected to eth1 interface of the host and eth0 is connected to network.
Now when I am pinging google.com from device after executing below commands on host
Code:
sudo iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE 
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

I am seeing in wireshark at eth0, that during ping request source ip changes from DUT ip to host ip (i.e eth0 ip)
but that does not happen while ping reply , destination IP remains host IP only.
Why does it not show DUT ip as destination IP , Technically my final destination is DUT

For example:
Code:
host IP is x.x.x.x
DUT ip is y.y.y.y
pinging from x.x.x.x

on wireshark:
Code:
ping request  x.x.x.x to google.com -----> this I understood that it is due to masquerading and NAT
ping reply google.com to y.y.y.y expected but I see google.com to x.x.x.x   -----> why no Masquerading here?

 

9 More Discussions You Might Find Interesting

1. IP Networking

Ftp'ing thru a Iptables NAT Masquerade

Greetings to all. My new firewall is giving me one hell of a problem. I'm running iptables and masquerading my intranet thru NAT. But here is the problem. Whenever I try to FTP to a server outside of my lan I get a 500 illegal port error. I've come to the conclusion that NAT is... (2 Replies)
Discussion started by: phrater
2 Replies

2. IP Networking

iptables: log connection after SNAT/MASQUERADE command

Hello! I have the following problem with iptables in Debian 6: My server works as a router and it needs to log server external IP+port for all outgoing connections. But after command SNAT or MASQUERADE traffic is "lost". I mean no following rules can catch those traffic. Everything looks... (0 Replies)
Discussion started by: unlimited
0 Replies

3. UNIX for Dummies Questions & Answers

Sendmail masquerade

Hi, Please tell me what is sendmail masquarade and what is the use of it? Its pretty confusing :eek:.. Is it all about like when mail is sent from sender to receiver, the receiver cannot see the hostname/internal username of sender.. And I found they constitute various classes like class... (0 Replies)
Discussion started by: Priya Amaresh
0 Replies

4. AIX

Sendmail masquerade

I'm trying to configure sendmail masquerading and it seems like I'm having a problem with m4. My main problem is that internally generated emails are showing up externally as originating from: internal_user@internal1.mydomain.com. internal1.mydomain.com doesn't resolve publicly, nor should it.... (1 Reply)
Discussion started by: aix_user1
1 Replies

5. Red Hat

iptables Rules for my network

Hi Champs i am new in Iptables and trying to write rules for my Samba server.I took some help from internet, created one script and run from rc.local : #Allow loopback iptables -I INPUT -i lo -j ACCEPT # Accept packets from Trusted network iptables -A INPUT -s my-network/subnet -j... (0 Replies)
Discussion started by: Vaibhav.T
0 Replies

6. UNIX for Advanced & Expert Users

Https connection to UNIX DUT failing

HI !! I have this setup where I have Windows machine and a UNIX based DUT . I try to make a https connection from my Win to the DUT giving its IP. But,it is not working (It should do). What do u think the problem is ?? I checked the logs , they flag some writesocket:broken pipe error in... (1 Reply)
Discussion started by: leghorn
1 Replies

7. IP Networking

iptables nat/masquerade - how to act as a basic firewall?

edit: SOLVED - see below for solution Hi there, I've inherited a gob of Linux hosts and so am learning linux from the bottom of the deep end of the pool (gotta say I'm warming up to Linux though - it's not half bad) Right now iptables is confusing me and I could use some pointers as to how... (0 Replies)
Discussion started by: Smiling Dragon
0 Replies

8. UNIX for Dummies Questions & Answers

Nullmailer masquerade domain

I am using nullmailer on Ubuntu Linux to relay mails however when I send email or through cron it appear as root@myhostname.domain.com instead of root@domain.com How do I configure nullmailer so the email send appear as from root@domain.com? (0 Replies)
Discussion started by: hassan1
0 Replies

9. UNIX for Dummies Questions & Answers

iptables conditional masquerade

Hi everyone, I have a LAN with : 1 internet box (192.168.1.1) 1 Debian host (192.168.1.224) 3 Windows hosts (192.168.1.32/33/34) The internet box is set to route all incoming traffic to the Debian host (DMZ). Then the Debian host is set to accept certain packets and forward others... (0 Replies)
Discussion started by: chebarbudo
0 Replies
IPTABLES-APPLY(8)						  iptables 1.6.1						 IPTABLES-APPLY(8)

NAME
iptables-apply - a safer way to update iptables remotely SYNOPSIS
iptables-apply [-hV] [-t timeout] [-w savefile] {[rulesfile]|-c [runcmd]} DESCRIPTION
iptables-apply will try to apply a new rulesfile (as output by iptables-save, read by iptables-restore) or run a command to configure iptables and then prompt the user whether the changes are okay. If the new iptables rules cut the existing connection, the user will not be able to answer affirmatively. In this case, the script rolls back to the previous working iptables rules after the timeout expires. Successfully applied rules can also be written to savefile and later used to roll back to this state. This can be used to implement a store last good configuration mechanism when experimenting with an iptables setup script: iptables-apply -w /etc/network/iptables.up.rules -c /etc/network/iptables.up.run When called as ip6tables-apply, the script will use ip6tables-save/-restore and IPv6 default values instead. Default value for rulesfile is '/etc/network/iptables.up.rules'. OPTIONS
-t seconds, --timeout seconds Sets the timeout in seconds after which the script will roll back to the previous ruleset (default: 10). -w savefile, --write savefile Specify the savefile where successfully applied rules will be written to (default if empty string is given: /etc/network/iptables.up.rules). -c runcmd, --command runcmd Run command runcmd to configure iptables instead of applying a rulesfile (default: /etc/network/iptables.up.run). -h, --help Display usage information. -V, --version Display version information. SEE ALSO
iptables-restore(8), iptables-save(8), iptables(8). LEGALESE
Original iptables-apply - Copyright 2006 Martin F. Krafft <madduck@madduck.net>. Version 1.1 - Copyright 2010 GW <gw.2010@tnode.com or http://gw.tnode.com/>. This manual page was written by Martin F. Krafft <madduck@madduck.net> and extended by GW <gw.2010@tnode.com or http://gw.tnode.com/>. Permission is granted to copy, distribute and/or modify this document under the terms of the Artistic License 2.0. iptables 1.6.1 IPTABLES-APPLY(8)
All times are GMT -4. The time now is 08:22 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy