On Tue, 16 May 2000, Dwayne C . Litzenberger wrote: > > I have a box that I want to do IP forwarding. But, I can't ping outside > hosts through it. The firewall sends packets from me, but it doesn't > re-forward the ICMP echo replies (although you can see them with iptraf in > promiscuous mode) back. > > # ipchains -L > Chain input (policy ACCEPT): > Chain forward (policy ACCEPT): > Chain output (policy ACCEPT): > > # cat /proc/sys/net/ipv4/ip_forward
Dwayne, Please don't take offense to my comments here, but there are quite a lot of things to learn about Linux firewalls and masquerading. I was new to Linux six months ago (still a newbie now) and wanted to create a firewall box for our company. I read all the HOW-TO's (NETWORK, IPCHAINS, FIREWALL, MASQ, etc.) a New Riders book by Robert Ziegler (Linux Firewalls) and also found some firewall scripts that I used as learning tools. If you want to learn about the details of ipchains please start with the HOWTO's and THEN the following web sites: #-- Robert Ziegler http://www.linux-firewall-tools.com #-- Rick Johnson http://www.pointman.org PS: You may not see many replies to your question because there are just too many variables involved. -- Mark Schiltz - Just Lurking to Learn I'm here to paint but I've forgotten my brush... You got beer?