ip - masquerading / iptables
root at CLARA.host1.linuxfromscratch.org
Mon Jun 25 15:55:08 PDT 2001
On Monday 25 June 2001 07:19, you wrote:
> On Mon, Jun 25, 2001 at 01:19:44AM +0200, Max Schattauer wrote:
> > Hi there!
> > I have a really *wierd* problem switching over to ipchains.
> > On my MASQ-host (linux 2.4.5, isdn connection) the ipchains-
> > configuration is working. I threw that out and tried to set up
> > iptables, first everything looked fine, too. Modules are loading and
> > iptables -t nat -A POSTROUTING -o ippp0 -j MASQUERADE
> > also looks fine. The only problem (the *real* one) is that the clients
> > can't connect tho the Internet. Did anyone encounter that before?
> That'll mean that any outgoing connections are masqueraded. But what
> about the reply packets (which are INCOMING)?
> My guess is that you've got the policy filter set to reject or drop.
> In which case, the usual command is...
> iptables -t filter -A INPUT -m state --state ESTABLISHED -j ACCEPT
This iptables string works fine for me " iptables -t nat -A POSTROUTING
-o ippp0 -j MASQUERADE". I'm looking at IE on one of my gatewayed machines
right now. I do have a question for the writer though - are you using an
init script (e.g., one that sources "/etc/init.d/functions"), or entering
this manually at a term? In other words, how do you know its working?
Unsubscribe: send email to lfs-apps-request at linuxfromscratch.org
and put unsubscribe in the subject header of the message
More information about the blfs-support