Why isn't ICMP routing with iptables nat routing

Posted by Scott Forsyth - MVP on Server Fault See other posts from Server Fault or by Scott Forsyth - MVP
Published on 2010-01-26T04:07:05Z Indexed on 2010/03/08 4:38 UTC
Read the original article Hit count: 652

Filed under:

I'm using iptables on Ubuntu server to route a public IP to a private IP. I want to nat all traffic, including 80, 443 and ICMP.

However, it appears that ICMP isn't routing. I have a steady ping going to the public IP and it never stops, even with NAT pointing to a bogus IP.

Here are the rules that I'm using:

iptables -t nat -I PREROUTING -d -j DNAT --to-destination  
iptables -t nat -I POSTROUTING  -s -j SNAT --to-source

I tried with rules for ICMP specifically, but no such luck:

iptables -t nat -I PREROUTING -d - icmp --icmp-type echo-request -j DNAT --to-destination

Any ideas?

© Server Fault or respective owner

Related posts about nat

Related posts about iptables