On Mon, 10 Sep 2007 22:48:20 +0200 Hans-Werner Hilse <[EMAIL PROTECTED]> wrote:
> is on what computer? On the "server" (I guess it's the router) the > last line would effectively prevent routing for the client (but I > don't know why ICMP works...). I would suggest starting without it > and then setting up proper rules -- and then setting the chain's > policy to DROP (plus some REJECT rules for proper answers). I agree, I thought your firewall rules were a little wacky too. These rules only route to one host. generally you'd want to route to a whole network, not just one host. > (but I don't know why ICMP works...). -- [EMAIL PROTECTED] mailing list
