The missing link for me was that if you're using "standard" Linux
firewalling, which is packet filtering, you _need_ IP forwarding enabled.
(The HOWTO says don't enable it, but that's for TIS proxying firewalls -
not what we're talking about here.)

Also, for ipchains at least, order counts.  You need to enable everything
that you want to let through first, and then disable _everything_ last.
The first rules in the chain get "executed" before the ones at the end.

With those two tips, and the docs, I was able to get my firewall working
the way I wanted.  Feel free to email me if that's not enough info.

(BTW, you need a 2.1 kernel for ipchains afaik.)

Later,
        Dale
-- 
+------------------ email me for my pgp public key --------------------+
| Dale E. Martin |  Clifton Labs, Inc.  |  Senior Computer Engineer    |
| [EMAIL PROTECTED]    |    http://www.clifton-labs.com         |
+----------------------------------------------------------------------+
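
An added illustration of the ordering point in the message above; it is not part of the original post and does not call ipchains. It models a chain as a first-match list in Python and flags rules that can never fire; the rule tuples, addresses and function names are constructed for the example.

```python
import ipaddress

# Constructed rule sets: (source network, destination port or None for any, target).
# Targets use the ipchains names ACCEPT and DENY; addresses are documentation ranges.
GOOD = [
    ("192.0.2.0/24", 22, "ACCEPT"),
    ("0.0.0.0/0", 80, "ACCEPT"),
    ("0.0.0.0/0", None, "DENY"),      # catch-all goes last
]
BAD = [GOOD[2], GOOD[0], GOOD[1]]     # same rules, catch-all moved to the front

def matches(rule, src, dport):
    net, port, _ = rule
    return ipaddress.ip_address(src) in ipaddress.ip_network(net) and port in (None, dport)

def verdict(chain, src, dport, policy="DENY"):
    """First matching rule decides; the chain policy applies if none match."""
    for rule in chain:
        if matches(rule, src, dport):
            return rule[2]
    return policy

def covers(earlier, later):
    """True if every packet matching `later` also matches `earlier`."""
    e_net, e_port, _ = earlier
    l_net, l_port, _ = later
    return (ipaddress.ip_network(l_net).subnet_of(ipaddress.ip_network(e_net))
            and e_port in (None, l_port))

def shadowed(chain):
    """Indexes of rules that a single earlier rule covers, so they never fire."""
    return [i for i, r in enumerate(chain)
            if any(covers(chain[j], r) for j in range(i))]

if __name__ == "__main__":
    for name, chain in (("good", GOOD), ("bad", BAD)):
        print(name, verdict(chain, "192.0.2.10", 22), verdict(chain, "198.51.100.7", 80),
              "shadowed:", shadowed(chain))
```
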
