-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dne pá 8. ?erven 2001 01:30 Stefan Srdic napsal(a): > I'm attempting to filter all UDP datagrams under the 1023 port range. > When I use the script below I cannot ping my ISP's web site or even surf > the net. DO I have a malformed chain or am I missing an essential > service? >
well, ok. See, you have an packet, going throuh the rules, top-down. it first hits REJECT rule (and is rejected), and it never makes it to the ACCEPT part. I recommend that you install ipmasq package (at least in sid it works w. iptables) and see how it works. (good example is worth tons of mail, I think ;)) Ax - -- Vaclav Hula ([EMAIL PROTECTED]) UIN#36624092 http://atrey.karlin.mff.cuni.cz/~ax - -----BEGIN GEEK CODE BLOCK----- Version: 3.12 GCS/S/O d-(--) s:-- a-- C++ UL+++ P-- L+++(++) E--- W++$ N? o? K? w- O? M? V? PS+++ PE Y+ PGP++ t+ 5+ !X R+++ tv(-) b+++ Dl+ D+ G>++ e* h! r+(%) y+ - ------END GEEK CODE BLOCK------ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE7IIWrvYCMyWSPsqkRAlVPAKCa12n+2T2iiyssZ3pSeGkj96pMigCglnZe py6huHE4B9sKYVNnsAkcKO4= =tVk2 -----END PGP SIGNATURE-----
