/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! /* ALSO: Don't quote this header. It makes you look lame :-) */
Hi all! I've got a network as shown by my attempt at ASCII art below: Amiga 192.168.1.2 _|_ __________________________ | | | Linux box | |Hub|---|eth1 eth0|--> Internet gateway |___| |192.168.1.1 193.11.228.9| 193.11.228.1 | |__________________________| | Mac 192.168.1.4 The internal network works fine, i.e. I can ping/telnet/whatever all computers with 192.168.* addresses and 193.11.228.9 (the external eth0 interface of the masquerading Linux box). The problem is that I can't get iptables masquerading to work (can't ping anything outside my internal network from the masqed computers) unless I have an established connection running (e.g. SSH) from the to-be-masqed computers to the Linux box while I execute the rc.firewall script. It was working OK when I was running Red Hat 7.1, but now I've upgraded to 7.2. I have tried both the "simple" and the "stronger" rulesets. Any ideas of what I should be looking for here? I also wonder if somebody could provide me with with what I should put in the /etc/sysconfig/iptables file to get the same rules as with the "stronger" rc.firewall, based on the info in the ASCII diagram above - so things will be Done The Red Hat Way (TM)... I'm totally lost when it comes to iptables configuration, so the pre-made rc.firewalls really were a Godsend, at least until something broke. ;) TIA, -- E m a n u e l M a i r ________________________________________ [EMAIL PROTECTED] http://WalkForCapitalism.org Dec. 2 '01 http://medstud.gu.se/~mair * t e a m A M I G A * .-. .- -.. .. --- -....- .- -.- - .. ...- .. - .-.- - ...-.- _______________________________________________ Masq maillist - [EMAIL PROTECTED] Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES UNSUBSCRIBING! or email to [EMAIL PROTECTED] PLEASE read the HOWTO and search the archives before posting. You can start your search at http://www.indyramp.com/masq/ Please keep general linux/unix/pc/internet questions off the list.
