Tony Earnshaw wrote: >fre, 2002-02-15 kl. 11:38 skrev Alex Schuilenburg: > >>Maybe now is a good time to switch to iptables anyhow :-) >> > >:o) iptables has: "iptables -F -t nat". > >Are you simply lazy, or just old? > Neither, apparently just too stupid ;-P
I ran through the man pages, docs, FAQs and mailing lists and could not find any clues. Even now, looking at the man pages, "iptables -F -t nat" appears to flush the rules in the nat table that "... is consulted when a packet that creates a new connection is encountered. It consists of three built-ins: PREROUTING (for altering packets as soon as they come in), OUTPUT (for altering locally-generated packets before routing), and POSTROUTING (for altering packets as they are about to go out)." I am afraid that if "iptables -F -t nat" flushes existing connection entires causing them to be dropped by the source while maintaining all the NAT rules, it is not obvious to me from the above man page. I figured it would simply flush all the rules that provide NAT and keep the existing entries, just like "ipchains -F" does. But I am willing to give it a try :-) > > >>PS: Yes, the easy solution would be to change ISPs, but I would like a >>decent software solution. >> > >Schuilenburg? Alex? Ga op Demon Internet over, Alex. Daar krijg je >zowiezo vast IPnummer, kost je EURO 13 in de maand. Het is echt die >kosten waard. > Goede gissing, maar dit kan ik niet. Ik wonen in het UK. Demon Internet "AnyTime" onbeperkt inbelaccounts kosten 30GBP in de maand. BT AnyTime kosten 15GBP. But if iptables does not do the trick, or using MASQ as Rod suggested, I may have to seriously consider switching over. Thanks -- Alex
