/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting!
/* ALSO: Don't quote this header. It makes you look lame :-) */
On 27 Feb 2001, John Chambers wrote:
> + /sbin/ipchains -P forward MASQ
> + /sbin/ipchains -A forward -i eth1 -s 192.168.1.0/24 -j MASQ
>
> That next-to-last line had been as recommended by the HOWTO:
>
> + /sbin/ipchains -P forward DENY
You've got two commands here that deal with the forward chain. The howto
tells you to set the "policy" of the forward chain to "DENY". This ensures
that someone on the Internet will not be able to use your computer as their
own router. So you DENY forwarding except for stuff from your internal
network.
I assume your internal IPs are in the 192.168.1.x range. If not fix that in
your last line above. If that is correct, maybe it's the "-i eth1" you have.
Is eth1 your Internet connection? If not, change it to the one that is. In
any case, you don't need it and can just have "/sbin/ipchains -A forward -s
192.168.1.0/24 -j MASQ"
-- Michael Best
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/ --
THIS INCLUDES UNSUBSCRIBING!
or email to [EMAIL PROTECTED]
PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.
