Here's what you should know:
=============================

iptables
debian 2.4.19

Firewall Ethernet connection is as follows: eth0 is connected to WAN and eth1 is connected to a switch, which is my DMZ. (All my other servers are connected to that switch.)

My firewall acts as a router, using ROUTE and ARP to pass the packets from the firewall to all the other computers on the same subnet. What I realized (correct me if I'm wrong) is that routers cannot forward packets across the same subnet (hence why you use ARP).

THE PROBLEM
==============

INPUT is FINE
OUTPUT is FINE
FORWARD is FOOBAR

My firewall doesn't like to FORWARD packets back out. Everything goes into the DMZ but nothing goes out. I cannot whois, lynx etc. Subnetting is out of the question.

Here is why I think this is so:
================================

You ARP an IP, it will send it as a MAC address (layer 2), and the router can't handle it because it is a layer 3 device.

WHAT CAN I DO TO FIX THIS PROBLEM? I don't want to change the current configuration, i.e. NATing or subnetting.

Much Appreciated for any help.

Regards,
Jeremy

