On Fri, Jul 24, 2009 at 8:30 AM, Joshua N Pritikin<jpriti...@pobox.com> wrote: > No need. The solution is to MASQ ppp0 instead of eth0. It works fine now.
Excellent news! > The question is, what to change in /etc to make the change permanent? OLPCCorps people were asking similar questions couple days ago -- CC'd (guys, check the list archive for teh earlier part of this thread, good stuff from Joshua on making this work). Joshua, I think we need to change how we load the iptables script, so it changes "on the fly" when we load it, based on - Which network device is "WAN", maybe stored in /etc/sysconfig/xs_wan_device (in your case, ppp0) - Whether we're running Squid (or other http proxy) - we'll want a reliable check for that, we may be able to just check (IIRC) /var/lock/subsys/squid if squid starts before iptables, or whether a squid symlink exists in the relevant rcX.d directory. An /etc/sysconfig/iptables that calls a bash (best) or python (2nd best) script to sort these variables out and create the right rules would be the right fix I think. What do you think? cheers, m -- martin.langh...@gmail.com mar...@laptop.org -- School Server Architect - ask interesting questions - don't get distracted with shiny stuff - working code first - http://wiki.laptop.org/go/User:Martinlanghoff _______________________________________________ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel