Richard Jenniss wrote:
My simple setup
ifconfig eth0 10.0.0.1
dhcpcd eth1
iptables -t nat -a POSTROUTING -o eth1 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -A INPUT -i eth1 -p ICMP -j DROP
if it's only a NAT box, I also run.
iptables -A INPUT -i eth1 -j DROP
works fine, using kernel 2.4.19
iptables v 1.2.7a
I could be doing this wrong, I don't know. It works. I think I'm secure.
----- Original Message -----
From: "steven K" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, November 20, 2002 7:41 PM
Subject: (clug-talk) MASQ
I am currently have the mini distro coyote running on an old p166. I'mMASQ
using this computer as a router for my internal network and I am having
problems with masquerating(spelling). I am able to ping my eth0 and eth1
of my box with the workstations and vise versa, but I am unable to
access anything on the internet. Any suggestions would be great. I know
its something easy that I am failing to catch.
Why would this not work?
/sbin/ipchains -A forward -s 192.168.0.3/255.255.255.0 -d 0.0.0.0/0 -j
/sbin/ipchains -A forward -s 192.168.0.2/255.255.255.0 -d 0.0.0.0/0 -jMASQ
/sbin/ipchain -P forward DENY
