Hi all, I seem to have a very weird problem.
I have a gateway that allows me to route into the LAN etc., but for some reason I
can't get traffic out.
I have appended a route like below to help me see if it's getting that far, and it
definitely is.
$IPT -t nat -A POSTROUTING -o eth0 -s 10.0.0.0/24 -j LOG --log-prefix "POST ROUTE: " --log-tcp-options --log-ip-options
Feb 18 19:14:16 ukgate kernel: POST ROUTE: IN= OUT=eth0 SRC=10.0.0.74 DST=140.135.10.98 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=52278 DF PROTO=TCP SPT=1336 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 OPT (020405B401010402)
Feb 18 19:14:16 ukgate kernel: POST ROUTE: IN= OUT=eth0 SRC=10.0.0.74 DST=219.159.9.103 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=52279 DF PROTO=TCP SPT=1337 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 OPT (020405B401010402)
Feb 18 19:14:16 ukgate kernel: POST ROUTE: IN= OUT=eth0 SRC=10.0.0.74 DST=219.117.8.205 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=52280 DF PROTO=TCP SPT=1338 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 OPT (020405B401010402)
ukgate:~# ip route show
217.206.34.80/28 dev eth0 proto kernel scope link src 217.206.34.82
10.0.0.0/24 dev eth1 proto kernel scope link src 10.0.0.4
default via 217.206.34.81 dev eth0
ukgate:~#
And the weird thing is that tcpdump shows the client trying to connect:
ukgate:~# tcpdump -nn port 80
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
19:21:59.735233 IP 10.0.0.4.1900 > 219.54.8.100.80: S 340139438:340139438(0) win 65535 <mss 1460,nop,nop,sackOK>
19:21:59.735396 IP 10.0.0.4.1901 > 213.73.201.11.80: S 340204029:340204029(0) win 65535 <mss 1460,nop,nop,sackOK>
19:22:01.734139 IP 10.0.0.4.1904 > 218.212.34.220.80: S 340860984:340860984(0) win 65535 <mss 1460,nop,nop,sackOK>
19:22:02.706327 IP 10.0.0.4.1900 > 219.54.8.100.80: S 340139438:340139438(0) win 65535 <mss 1460,nop,nop,sackOK>
19:22:02.706347 IP 10.0.0.4.1901 > 213.73.201.11.80: S 340204029:340204029(0) win 65535 <mss 1460,nop,nop,sackOK>
19:22:04.717925 IP 10.0.0.4.1904 > 218.212.34.220.80: S 340860984:340860984(0) win 65535 <mss 1460,nop,nop,sackOK>
If anyone could assist, I would be most grateful.
Kind Regards
Brent Clark
P.S.
I have echo 1 > /proc/sys/net/ipv4/ip_forward in my ruleset.