[strongSwan] about strongswan nat error updown: iptables x.x.x.x: host/network `PH_IP_ALICE' not found

Mon Sep 9 10:18:23 CEST 2013

i change "Alice's physical IP" to 192.168.5.133
root at ubuntu:~# iptables -L -v
Chain INPUT (policy ACCEPT 1218 packets, 120K bytes)
 pkts bytes target     prot opt in     out     source
destination
    0     0 ACCEPT     udp  --  virbr0 any     anywhere
anywhere             udp dpt:domain
    0     0 ACCEPT     tcp  --  virbr0 any     anywhere
anywhere             tcp dpt:domain
    0     0 ACCEPT     udp  --  virbr0 any     anywhere
anywhere             udp dpt:bootps
    0     0 ACCEPT     tcp  --  virbr0 any     anywhere
anywhere             tcp dpt:bootps

Chain FORWARD (policy ACCEPT 2 packets, 142 bytes)
 pkts bytes target     prot opt in     out     source
destination
    0     0 ACCEPT     all  --  any    virbr0  anywhere
192.168.122.0/24     state RELATED,ESTABLISHED
    0     0 ACCEPT     all  --  virbr0 any     192.168.122.0/24
anywhere
    0     0 ACCEPT     all  --  virbr0 virbr0  anywhere
anywhere
    0     0 REJECT     all  --  any    virbr0  anywhere
anywhere             reject-with icmp-port-unreachable
    0     0 REJECT     all  --  virbr0 any     anywhere
anywhere             reject-with icmp-port-unreachable
    0     0 ACCEPT     all  --  eth1   eth0    192.168.5.0/24
10.4.0.0/24
    0     0 ACCEPT     all  --  eth0   eth1    10.4.0.0/24
192.168.5.0/24

Chain OUTPUT (policy ACCEPT 800 packets, 115K bytes)
 pkts bytes target     prot opt in     out     source
destination
root at ubuntu:~# ping 192.168.5.133
PING 192.168.5.133 (192.168.5.133) 56(84) bytes of data.
^C
--- 192.168.5.133 ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 3000ms

root at ubuntu:~# ifconfig eth1
eth1      Link encap:Ethernet  HWaddr 00:0b:2f:57:58:24
          inet addr:192.168.5.1  Bcast:192.168.5.255  Mask:255.255.255.0
          inet6 addr: fe80::20b:2fff:fe57:5824/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:4928 errors:0 dropped:0 overruns:0 frame:0
          TX packets:450 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:303325 (303.3 KB)  TX bytes:58532 (58.5 KB)

but Alice's ip cann't connect 192.168.5.1 gw :-(


2013/9/9 Martin Willi <martin at strongswan.org>

> Hi,
>
> > Sep  9 13:42:48 14[CHD] updown: iptables v1.4.12: host/network
> > `PH_IP_ALICE' not found
>
> If you copy a raw updown script from the test suite, you'll have to
> replace some variables by the IP addresses of these hosts. PH_IP_ALICE
> stands for Alice's physical IP. It gets replaced automatically in the
> test suite, but you'll have to do this manually when copying such a
> file.
>
> Regards
> Martin
>
>


-- 
我爱臭豆腐
老老实实做人 认认真真做事
email:hao.wangbj at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20130909/e142c0b2/attachment.html>