> If I rewrite the above to this, I think it will do what I want. > # route add -host 10.0.0.150 dev ppp0 > # iptables --insert PPPconn 1 --source 0.0.0.0/0.0.0.0 \ > --destination 10.0.0.150/32 --jump ACCEPT --out-interface ppp0 > # iptables --insert INPUT 1 --source 10.0.0.150/32 \ > --destination 0.0.0.0/0.0.0.0 --jump ACCEPT --in-interface ppp0 > # iptables --insert FORWARD 1 --source 0.0.0.0/0.0.0.0 \ > --destination 10.0.0.150/32 --jump ACCEPT --out-interface ppp0 > # iptables --insert FORWARD 1 --source 10.0.0.150/32 \ > --destination 0.0.0.0/0.0.0.0 --jump ACCEPT > # iptables --table nat --append POSTROUTING --out-interface ppp0 \ > --jump MASQUERADE > # iptables --append FORWARD --protocol tcp \ > --tcp-flags SYN,RST SYN --jump TCPMSS --clamp-mss-to-pmtu >
Well, I went ahead & did this, and it mostly works. I can ping 10.0.0.150, and from my windows machine on the local Lan, I can map a shared drive on 10.0.0.150. Can't get my browser to connect to the web-server on it though. Now, how doI make these firewall rules permanent. Amanda Please avoid sending me Word or PowerPoint attachments. See http://www.fsf.org/philosophy/no-word-attachments.html -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
