Hi,
tl;dr:
I need to properly MASQUERADE all outgoing packets only from my bridge0
interface
brief:
I have a bridge(bridge0) which I use to connect all my VMs and
Containers. I also enabled forwarding using the below commands to
enable my VMs and Container to connect to internet,
$ sudo sysctl net.ipv4.ip_forward=1
$ sudo iptables -t nat -A POSTROUTING -j MASQUERADE
Everything works fine until I started using x11vnc server. I have
configured x11vnc to only listen in localhost and accept only localhost
connection. For some reason, x11vnc started rejecting clients which are
started in the same machine with reason saying rejecting client because
connection is not from 127.0.0.1 but from 10.0.0.74 (which is my
default gateway interface's ip adddress). If I remove the MASQUERADE
rule, x11vnc works fine.
I can put the following rule,
$ sudo iptables -t nat -A POSTROUTING ! -o lo -j MASQUERADE
which will not do MASQUERADE for packets from 'lo' interface. But my
need is to only MASQUERADE packets from 'bridge0' and not touch any
packets from other interfaces. how to achieve this?
Thanks,
Mohan R
_____________________________________
ILUGC List: //www.freelists.org/list/ilugc
ILUGC Web: http://ilugc.in/
