Hi Pepillo,

> From: "pepillo" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Date: Wed, 19 Feb 2003 16:05:23 +0100
> Subject: [Bridge] Problem with iptables -A FORWARD -j DROP
>
> Hello, I'm installing a bridge-firewall and all is OK, but when
> I deny all the 'FORWARD' traffic this rule denies all the
> traffic, including the 'ACCEPT' rules. My kernel is 2.4.18

Have you applied the bridge netfilter patches? If not, download the patch against 2.4.18, d'load from
http://bridge.sourceforge.net/devel/bridge-nf/older/bridge-nf-0.0.7-against-2.4.18/
and apply it to the raw kernel source code before compiling your kernel, & add bridge-netfilter during make config.

> and I installed iptables 1.2.5-3. My script is:
>
> iptables -F FORWARD
> iptables -F INPUT
> iptables -F OUTPUT
>
> iptables -A FORWARD -p icmp -s 89.0.0.0/24 -d 89.0.0.55/32 -j ACCEPT

If you have already applied the netfilter patch, place a log entry here before the DROP, e.g.

iptables -A FORWARD -j LOG --log-prefix "FORWARD-DROP"

> iptables -A FORWARD -j DROP
>

Check your log file /var/log/messages to see if any icmp packets are listed as being dropped when you attempt to ping.

> If I quit the last line it's all OK, if I deny 'ping' it's OK,
> but if I put the last line all pings are denied.
>
> Can somebody help me. I'm sorry for my poor English.

Hope this helps,
Lewis

_______________________________________________
Bridge mailing list
[EMAIL PROTECTED]
http://www.math.leidenuniv.nl/mailman/listinfo/bridge
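
The log check suggested in the reply above, as an added example that is not part of the original thread: a shell function that counts ICMP packets logged under the FORWARD-DROP prefix by source, destination and ICMP type. The log lines, the host name fw and the interface br0 are constructed; they show a case where echo replies (type 0) from 89.0.0.55 reach the LOG and DROP rules, because the ACCEPT rule only matches packets whose destination is 89.0.0.55.

```shell
#!/bin/sh
# Added example (not from the original thread): summarise ICMP packets that
# reached the LOG rule placed just before the final DROP in the FORWARD chain.
PREFIX="FORWARD-DROP"   # same string as --log-prefix in the reply above

# Constructed sample of /var/log/messages (host "fw" and bridge "br0" are
# assumptions). The prefix has no trailing space, so it runs into "IN=".
sample_log() {
cat <<'EOF'
Feb 19 16:10:00 fw kernel: device eth0 entered promiscuous mode
Feb 19 16:10:01 fw kernel: FORWARD-DROPIN=br0 OUT=br0 SRC=89.0.0.55 DST=89.0.0.10 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=0 PROTO=ICMP TYPE=0 CODE=0 ID=1234 SEQ=1
Feb 19 16:10:02 fw kernel: FORWARD-DROPIN=br0 OUT=br0 SRC=89.0.0.55 DST=89.0.0.10 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=0 PROTO=ICMP TYPE=0 CODE=0 ID=1234 SEQ=2
Feb 19 16:10:03 fw kernel: FORWARD-DROPIN=br0 OUT=br0 SRC=89.0.0.10 DST=89.0.0.55 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=4711 DF PROTO=TCP SPT=1025 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Feb 19 16:10:04 fw kernel: FORWARD-DROPIN=br0 OUT=br0 SRC=10.0.0.5 DST=89.0.0.55 LEN=84 TOS=0x00 PREC=0x00 TTL=63 ID=0 PROTO=ICMP TYPE=8 CODE=0 ID=77 SEQ=1
EOF
}

# Read syslog lines on stdin; print "SRC -> DST type=N count=M" per ICMP flow.
summarize_drops() {
  awk -v prefix="$PREFIX" '
    index($0, "kernel: " prefix) == 0 { next }      # not written by the LOG rule
    {
      src = ""; dst = ""; proto = ""; type = ""
      for (i = 1; i <= NF; i++) {
        # Keep the first occurrence only: ICMP errors log the embedded
        # packet header later on the same line.
        if (src == "" && $i ~ /^SRC=/) src = substr($i, 5)
        else if (dst == "" && $i ~ /^DST=/) dst = substr($i, 5)
        else if (proto == "" && $i ~ /^PROTO=/) proto = substr($i, 7)
        else if (type == "" && $i ~ /^TYPE=/) type = substr($i, 6)
      }
      if (proto == "ICMP") count[src " -> " dst " type=" type]++
    }
    END { for (k in count) print k " count=" count[k] }
  ' | LC_ALL=C sort
}

# ICMP type 8 is echo request, type 0 is echo reply.
sample_log | summarize_drops
```

On a live system the same function reads the real log with `summarize_drops < /var/log/messages`.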
