Steven J. Yellin wrote:
Try putting in /etc/sysctl.conf the line
net.ipv4.ip_forward = 1
Steven Yellin
I also recommend the use of an add-on firewall package for anything but
the most basic rules. Such packages are created by more competent folk
than you and I, and have safe default rules.
My favourite is shorewall. It's configured with a set of text files, is
actively maintained and seems quite popular.
Here's how I keep a good piece of China out of my hair:
# China Tsinghua University
DROP net:202.115.31.255/17 all tcp 25,22
I have similar rules for selected other networks in China and elsewhere.
On Wed, 11 Jul 2007, vivek chal wrote:
Hi all!
I have made Gateway of my DNS by using the following iptables rules:
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
iptables --table nat --append POSTROUTING --out-interface eth0 -j
MASQUERADE
iptables --append FORWARD --in-interface eth1 -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables-save
My gateway is working fine but the only problem is that i have to run
echo 1 > /proc/sys/net/ipv4/ip_forward
everyday after booting my server in order to make my gateway up.My
clients
can't ping any site untill i give this command. i have made service
iptables
to start at boot time.
Could anyone tell me where i am doing wrong.
--
Cheers
John
-- spambait
[EMAIL PROTECTED] [EMAIL PROTECTED]
Please do not reply off-list