Steven J. Yellin wrote:
    Try putting in /etc/sysctl.conf the line
net.ipv4.ip_forward = 1

Steven Yellin

I also recommend the use of an add-on firewall package for anything but the most basic rules. Such packages are created by more competent folk than you and I, and have safe default rules.

My favourite is shorewall. It's configured with a set of text files, is actively maintained and seems quite popular.

Here's how I keep a good piece of China out of my hair:
#  China Tsinghua University
DROP    net:202.115.31.255/17   all     tcp     25,22

I have similar rules for selected other networks in China and elsewhere.



On Wed, 11 Jul 2007, vivek chal wrote:

Hi all!

I have made Gateway of my DNS by using the following iptables rules:
  iptables --flush
  iptables --table nat --flush
  iptables --delete-chain
  iptables --table nat --delete-chain
  iptables --table nat --append POSTROUTING --out-interface eth0 -j
MASQUERADE
  iptables --append FORWARD --in-interface eth1 -j ACCEPT
  echo 1 > /proc/sys/net/ipv4/ip_forward
  iptables-save

My gateway is working fine but the only problem is that i have to run
echo 1 > /proc/sys/net/ipv4/ip_forward
everyday after booting my server in order to make my gateway up.My clients can't ping any site untill i give this command. i have made service iptables
to start at boot time.
Could anyone tell me where i am doing wrong.




--

Cheers
John

-- spambait
[EMAIL PROTECTED]  [EMAIL PROTECTED]

Please do not reply off-list

Reply via email to