New modem and iptables...

[Curtis Doty]

9:48pm Antonio said:

> I installed a new modem ADSL2+ that doesn' t need pppo any longer
> because it starts connection by himself
>
> I had this set of rules on my my computer acting as a router.
> When I switched from the old to the new modem, the computer on the lan
> didn't surf the net, the I realized that I had to change some rule.
>
> # Generated by iptables-save v1.2.6a on Fri Feb 21 09:27:33 2003
> *nat
> :OUTPUT ACCEPT [0:0]
> :PREROUTING ACCEPT [0:0]
> :POSTROUTING ACCEPT [0:0]
> -A POSTROUTING -s 192.168.0.0/24 -o ppp0 -j MASQUERADE
> # Forward HTTP connections to Squid proxy
> -A PREROUTING -p tcp -m tcp -i eth0 --dport 80 -j REDIRECT --to-ports 3128
> COMMIT
> # Completed on Fri Feb 21 09:27:33 2003
> # Generated by iptables-save v1.2.6a on Fri Feb 21 09:27:33 2003
> *mangle
> :PREROUTING ACCEPT [9:432]
> :INPUT ACCEPT [3:234]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [9:684]
> :POSTROUTING ACCEPT [17:1292]
> COMMIT
> # Completed on Fri Feb 21 09:27:33 2003
> # Generated by iptables-save v1.2.6a on Fri Feb 21 09:27:33 2003
> *filter
> :FORWARD DROP [0:0]
> :INPUT DROP [0:0]
> :OUTPUT ACCEPT [0:0]
> -A INPUT -i lo -j ACCEPT
> -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
> -A FORWARD -i eth0 -j ACCEPT
> -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
> -A INPUT -i eth0 -j ACCEPT
> COMMIT
> # Completed on Fri Feb 21 09:27:33 2003
>
>
> _______________________________________________________
> I replaced the postrouting line by:
>
> -A POSTROUTING -s 192.168.0.0/24 -o eth1 -j MASQUERADE
>
> But the LAN didn't work. Where is the mistake???
>

Take a closer look at "iptables-save -c" preferably run in the year 2007 
after making your change.

Are you really sure the problem is iptables related? You might also peek 
at "ip addr" and "ip route" just to make sure you still don't have 
something goofy leftover in your routing like default dev ppp0.

../C