[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

RE: nat masquerade router

Well, at least I tried.
I was along the right lines though and Rodolfo J. Paiz hit it right on the
I think I'll just stick to reading instead of awnsering.

And BTW. I agree with the "FC2 Issues" thread.... Those kind of bugs should
NOT make it into a offical release that isn't an RC.
( alas, I too was bitten by the duel boot bug and so where quite a few
others that I know. )

-----Original Message-----
From: fedora-list-bounces redhat com
[mailto:fedora-list-bounces redhat com]On Behalf Of Alexander Dalloz
Sent: June 15, 2004 1:45 PM
To: For users of Fedora Core releases
Subject: Re: nat masquerade router

Am Di, den 15.06.2004 schrieb Michael Floyd um 19:29:

> Well I see that your using a 24 bit subnet mask ( ) not a 16
> bit ( )
> It would be your firewall rules that are blocking you.....


> These two lines......
> # iptables -A FORWARD -s -j ACCEPT# iptables -A FORWARD
> -d -j ACCEPT
> # iptables -A FORWARD -s ! -j DROP
> the ip's should be not
> the way it's writen, you drop everthing on your subnet.

No :) That doesn't matter. includes the
net. He is just bit more permissive than it needs. But does no harm.

What is causing the blocking is:

iptables -A FORWARD -s ! -j DROP

It drops all incoming traffic not being from the private address range.
Thus packages from public internet are dropped.

What you intend is better placed to the INPUT chain.

> Michael Floyd


Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
Fedora GNU/Linux Core 2 (Tettnang) on Athlon CPU kernel 2.6.6-1.435
Serendipity 19:36:44 up 16:03, 8 users, 0.31, 0.29, 0.31

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]