My simple setup ifconfig eth0 10.0.0.1 dhcpcd eth1 iptables -t nat -a POSTROUTING -o eth1 -j MASQUERADE echo 1 > /proc/sys/net/ipv4/ip_forward iptables -A INPUT -i eth1 -p ICMP -j DROP
if it's only a NAT box, I also run. iptables -A INPUT -i eth1 -j DROP works fine, using kernel 2.4.19 iptables v 1.2.7a I could be doing this wrong, I don't know. It works. I think I'm secure. ----- Original Message ----- From: "steven K" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, November 20, 2002 7:41 PM Subject: (clug-talk) MASQ > I am currently have the mini distro coyote running on an old p166. I'm > using this computer as a router for my internal network and I am having > problems with masquerating(spelling). I am able to ping my eth0 and eth1 > of my box with the workstations and vise versa, but I am unable to > access anything on the internet. Any suggestions would be great. I know > its something easy that I am failing to catch. > > Why would this not work? > > /sbin/ipchains -A forward -s 192.168.0.3/255.255.255.0 -d 0.0.0.0/0 -j MASQ > /sbin/ipchains -A forward -s 192.168.0.2/255.255.255.0 -d 0.0.0.0/0 -j MASQ > /sbin/ipchain -P forward DENY > > > >
