> -A POSTROUTING -j SNAT --to-source 10.0.0.5 That's a problem - you're SNATting all connections, not just the ones that need to be SNATted. Try -A POSTROUTING -o eth0 -s 192.168.0.0/24 -j SNAT --to-source 10.0.0.5
If your IP is 10.0.0.5 (is the firewall behind a firewall? 10.x.x.x addresses aren't valid on the Internet. That could be your problem), your internal network (that you want to do NAT on) is 192.168.0.0/24, and the ethernet card connected to the Internet is eth0. Adjust to taste. Also, try disabling everything, and connecting to an FTP site with your firewall machine - if that doesn't work, then it's not your fault, it's the fault of the people providing your internet connection; it's obvious that your 'external' IP's are behind some sort of NAT as well. -EtherMage
