Home » General » Support » *SOLVED* MASQUERADE with IPTables in a VPS
*SOLVED* MASQUERADE with IPTables in a VPS [message #7700] |
Sat, 21 October 2006 09:30 |
slg2001
Messages: 20 Registered: March 2006 Location: Germany
|
Junior Member |
|
|
Hello,
i can't add a iptalbes Rule for masquerading in the VPS where my OpenVPN-Server is running, at the HN is it no problem to add someone!
VPS-Network=192.168.120.0/24
OpenVPN-Network= 5.5.0.0/24
VPS IPtalbes-Config
IPTABLES="iptable_filter iptable_mangle ipt_limit ipt_multiport ipt_tos ipt_TOS ipt_REJECT ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_LOG ipt_length ip_conntrack ip_conntrack_ftp ip_conntrack_irc ipt_conntrack ipt_state ipt_helper iptable_nat ip_nat_ftp ip_nat_irc ipt_REDIRECT "
Loaded IPTables Modules at the HN
[root@hn ~]# lsmod | grep ipt
ipt_MASQUERADE 1632 0
iptable_nat 7716 3
ip_nat 13300 2 ipt_MASQUERADE,iptable_nat
ip_conntrack 47300 4 xt_state,iptable_nat,ip_nat
ipt_ttl 1568 5
ipt_TCPMSS 3552 5
iptable_mangle 3520 5
iptable_filter 3232 7
ipt_multiport 2496 10
ipt_tos 1344 5
ipt_REJECT 4256 7
ip_tables 11356 3 iptable_nat,iptable_mangle,iptable_filter
x_tables 12544 13 ipt_MASQUERADE,xt_state,iptable_nat,xt_tcpudp,xt_length,ipt_ttl,xt_tcpmss,ipt_TCPMSS,ipt_multiport,xt_limit,ipt_tos,ipt_REJECT,ip_tables
[root@hn ~]#
add a iptables rule at the VPS
[root@vps ~]# iptables -t nat -A POSTROUTING -s 5.5.0.0/24 -j MASQUERADE
iptables: No chain/target/match by that name
[root@vps ~]# iptables -L -t nat
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
[root@vps ~]#
add a iptalbes rule at the HN
[root@hn ~]# iptables -t nat -A POSTROUTING -s 5.5.0.0/24 -j MASQUERADE
[root@hn ~]# iptables -t nat -L
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 5.5.0.0/24 anywhere
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
[root@hn ~]#
Some infromations about the Hardware-Node
[root@hn ~]# uname -r
2.6.16-026test018.1.custom
[root@hn ~]#
I hope i don't forgot any information!
Thx for your help.
slg2001
To follow the path:
look to the master, follow the master, walk with the master, see through the master, become the master.
[Updated on: Mon, 23 October 2006 05:54] by Moderator Report message to a moderator
|
|
|
Re: MASQUERADE with IPTables in a VPS [message #7703 is a reply to message #7700] |
Sat, 21 October 2006 12:30 |
|
curx
Messages: 739 Registered: February 2006 Location: Nürnberg, Germany
|
Senior Member |
|
|
Hi,
a look to the man page of vzctl shows me that the "ipt_MASQUERADE" is not in the IPTABLES MODULE LIST!
So you can't use the module ipt_MASQUERADE!
--iptables name
Restrict access to iptables modules inside a VE (by default
all iptables modules that are loaded in the host system are
accessible inside a VE).
You can use the following values for name: iptable_filter,
iptable_mangle, ipt_limit, ipt_multiport, ipt_tos, ipt_TOS,
ipt_REJECT, ipt_TCPMSS, ipt_tcpmss, ipt_ttl, ipt_LOG,
ipt_length, ip_conntrack, ip_conntrack_ftp, ip_con-
ntrack_irc, ipt_conntrack, ipt_state, ipt_helper, ipt-
able_nat, ip_nat_ftp, ip_nat_irc, ipt_REDIRECT xt_mac.
[Updated on: Sat, 21 October 2006 12:46] Report message to a moderator
|
|
|
|
|
Goto Forum:
Current Time: Sat Nov 02 12:14:02 GMT 2024
Total time taken to generate the page: 0.03294 seconds
|