Dear all,
I have some problems in testing the NAT/FW NSLP.My testbed has 3 nodes[NI/NF/NR]and I want to create pinholes in the NF using the command shown below.But after runing the command,I got no response and the iptables rule didn't be configured.
./nsis-natfw --create -s 192.168.1.1 -d 172.16.0.1 --sport 5624 --dport 4612 --debug 0
NI NF NR
192.168.1.1-------192.168.1.2/172.16.0.2------172.16.0.1
I have tested the ping tool(using ./nsis-ping 172.16.0.1) and the Diagnostics NSLP(using ./nsis-diag 172.16.0.1)at NI,and they have no problem.The NSIS version is nsis-0.5.1-dev and the OS is FC3.
I got the following results at the nodes using ethereal.
NI
Source Destination protocol Info
192.168.1.1 172.16.0.1 GIST GIST Query(UDP)
192.168.1.2 192.168.1.1 GIST GIST Response(UDP)
192.168.1.1 192.168.1.2 GIST GIST Confirm(TCP)
192.168.1.1 192.168.1.2 NAT/FW GIST Data(TCP)
192.168.1.1 192.168.1.2 GIST GIST MA-Hello(TCP)
192.168.1.2 192.168.1.1 GIST GIST MA-Hello(TCP)
......
NF(192.168.1.2)
Source Destination protocol Info
192.168.1.1 192.168.1.2 GIST GIST Query(UDP)
192.168.1.2 192.168.1.1 GIST GIST Response(UDP)
192.168.1.1 172.16.0.1 GIST GIST Query(UDP)
192.168.1.2 192.168.1.1 GIST GIST Response(UDP)
192.168.1.1 192.168.1.2 GIST GIST Confirm(TCP)
192.168.1.1 192.168.1.2 NAT/FW GIST Data(TCP)
192.168.1.1 192.168.1.2 GIST GIST MA-Hello(TCP)
192.168.1.2 192.168.1.1 GIST GIST MA-Hello(TCP)
......
NF(172.16.0.2)
Source Destination protocol Info
172.16.0.2 172.16.0.1 GIST GIST Query(UDP)
172.16.0.1 172.16.0.2 GIST GIST Response(UDP)
172.16.0.2 172.16.0.1 GIST GIST Confirm(TCP)
172.16.0.2 172.16.0.1 NAT/FW GIST Data(TCP)
172.16.0.2 172.16.0.1 GIST GIST MA-Hello(TCP)
172.16.0.1 172.16.0.2 GIST GIST MA-Hello(TCP)
......
Can anyone help me ? thank you .
sunjinshan
2007-10-08
----------------------------------------------------------------------------------------------
Confidentiality Notice: The information contained in this e-mail and any accompanying attachment(s) is intended only for the use of the intended recipient and may be confidential and/or privileged of Neusoft Group Ltd., its subsidiaries and/or its affiliates. If any reader of this communication is not the intended recipient, unauthorized use, forwarding, printing, storing, disclosure or copying is strictly prohibited, and may be unlawful. If you have received this communication in error, please immediately notify the sender by return e-mail, and delete the original message and all copies from your system. Thank you.
-----------------------------------------------------------------------------------------------