oracle linux 6 iptables SNAT error!
868934Jun 14 2011 — edited Jun 15 2011hello every one
I use oracle linux 6.1,and use iptables do snat, but the POSTROUTING CHAIN can't receive packets (i see it use 'iptables-save')
echo 1 > /proc/sys/net/ipv4/ip_forward
'iptables-save' like this:
**************
# Generated by iptables-save v1.4.7 on Tue Jun 14 22:44:05 2011
*nat
:PREROUTING ACCEPT [268:25801]
:POSTROUTING ACCEPT [1:108]
:OUTPUT ACCEPT [1:108]
-A POSTROUTING -j LOG --log-prefix "POSTROUTING:"
-A POSTROUTING -s 10.0.0.0/8 -o eth0 -j SNAT --to-source x.x.x.x
COMMIT
# Completed on Tue Jun 14 22:44:05 2011
# Generated by iptables-save v1.4.7 on Tue Jun 14 22:44:05 2011
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [537:176247]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth1 -p tcp -m state state NEW -m tcp dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j LOG --log-prefix "FORWARD:"
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
thanks!