ip - masquerading / iptables

Tommy Wareing tommyw at ntlworld.com
Mon Jun 25 04:19:14 PDT 2001

On Mon, Jun 25, 2001 at 01:19:44AM +0200, Max Schattauer wrote:
> Hi there!
> I have a really *wierd* problem switching over to ipchains.
> On my MASQ-host (linux 2.4.5, isdn connection) the ipchains-
> configuration is working. I threw that out and tried to set up 
> iptables, first everything looked fine, too. Modules are loading and
> iptables -t nat -A POSTROUTING -o ippp0 -j MASQUERADE
> also looks fine. The only problem (the *real* one) is that the clients 
> can't connect tho the Internet. Did anyone encounter that before?

That'll mean that any outgoing connections are masqueraded. But what
about the reply packets (which are INCOMING)?

My guess is that you've got the policy filter set to reject or drop.

In which case, the usual command is...
iptables -t filter -A INPUT -m state --state ESTABLISHED    -j ACCEPT

Unsubscribe: send email to lfs-apps-request at linuxfromscratch.org
and put unsubscribe in the subject header of the message

More information about the blfs-support mailing list