On Thu, 04 Sep 2003 22:59:00 +1200, criggie wrote: > Dude - your ISP is being an arsehole... > > [EMAIL PROTECTED] > SMTP error from remote mailer after MAIL > FROM:<[EMAIL PROTECTED]>: host kcmx01.mgw.rr.com > [24.94.163.190]: 550 5.7.1 Mail Refused - 202.0.42 - See > http://security.rr.com/mail_blocks.htm#security - 20030323 >
yeah i have seen a lot of that happening around. it plain sucks. > I think that your new gateway needs to know that its allowed to forward > packets between those interfaces. hmm. i thought allowing ip_forward in /proc file system will be sufficient (if i trust the literature around.) the current setup on the new gateway is that there is nothing that iptables is doing. the chains are just empty. i thought that should intrinsically mean "don't block anything". but i will try your suggestion for sure. > > Try these commands to see if it all starts working: > /sbin/iptables --flush empties the old rulesets > /sbin/iptables -P FORWARD ACCEPT allows packets to be forwarded > /sbin/iptables -P OUTPUT ACCEPT allows packets to leave the system > /sbin/iptables -P INPUT ACCEPT allows packets into the system > > > At last resort you could nat between these two interfaces with a command > like this... > #Route between eth0 and eth1 > /sbin/iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j SNAT > --to 192.168.0.125 > /sbin/iptables -t nat -A POSTROUTING -s 192.168.1.0/24 > -o eth1 -j SNAT --to 192.168.1.125 yep i will try this too. thanks
