On 8/11/21 7:01 PM, Alain D D Williams wrote:
On Wed, Aug 11, 2021 at 11:50:30PM +0200, deloptes wrote:
Alain D D Williams wrote:
iptables -A FORWARD -j ACCEPT
and the OUTPUT?
OUTOUT is also ACCEPT, however this is not, I think, important as the packets
come from 10.239.239.23 (via br0) a
On Thu, Aug 12, 2021 at 01:28:57AM +0300, IL Ka wrote:
> >
> >
> >
> > > > iptables -A FORWARD -j ACCEPT
> >
>
> Are you sure your packets are forwarded via netfilter?
> Try to disable forwarding (with sysctl) or change rulte to -j DROP and
> check traffic with sniffer (no packet should be forward
>
>
>
> > > iptables -A FORWARD -j ACCEPT
>
Are you sure your packets are forwarded via netfilter?
Try to disable forwarding (with sysctl) or change rulte to -j DROP and
check traffic with sniffer (no packet should be forwarded from virt machine
to the Internet)
On Wed, Aug 11, 2021 at 11:50:30PM +0200, deloptes wrote:
> Alain D D Williams wrote:
>
> > iptables -A FORWARD -j ACCEPT
> >
>
> and the OUTPUT?
OUTOUT is also ACCEPT, however this is not, I think, important as the packets
come from 10.239.239.23 (via br0) and go to the Internet - thus FORWARD
Alain D D Williams wrote:
> iptables -A FORWARD -j ACCEPT
>
and the OUTPUT?
> and this is not a problem ... evidence is outgoing packets with source
> address 10.239.239.23
ah, ok, I misinterpreted it.
--
FCD6 3719 0FFB F1BF 38EA 4727 5348 5F1F DCFE BCB0
On Wed, Aug 11, 2021 at 11:32:51PM +0200, deloptes wrote:
> I remember it was not only the POSTROUTING. May be I am wrong, but I think
> FORWARD and OUTPUT is important.
> I also wonder why you are mixing up the -s and --to-source. You should be
> using the local address for -s and --to-source the
Alain D D Williams wrote:
> Hi,
>
> I have problems getting POSTROUTING to work on a Debian 10 box.
>
> Setup:
>
> INTERNET ... Broadband modem 192.168.108.1
>
> Network internal to the Debian box for virtual machines 10.239.239.0/24
>
> Debian has address 192.168.108.2 (interface enp3s0) and
7 matches
Mail list logo
