On 5 Sep 2001 21:06:32 -0700, [EMAIL PROTECTED] wrote: >> On 5 Sep 2001 08:29:37 -0700, [EMAIL PROTECTED] wrote: >> >> >I can ping outside and inside networks from the router, and I can ping the LAN >> side of the router from a local computer, but I can't ping outside from the >> local computer. >> >> You need SNAT ("ip masquerading") like this: >> >> if [ -n "$EXTERNAL" ]; then >> for ext in $EXTERNAL; do >> ipnm_cache $ext >> $IPTABLES -t nat -A POSTROUTING -o $ext -j SNAT --to $IPOFIF >> done >> fi >> >> $EXTERNAL is the set of external interfaces you have, "ipnm_cache" precomputes >> the IP address and netmask for the respective external interface (the IP address >> gets stored in $IPOFIF.) > >Ok, I've read conflicting information on this subject, and neither solution has worked correctly. I can't use this solution becuase I don't seem to have ipnm_cache. I tried to follow the NAT-HOWTO which says to use these commands:
Well, the above was an excerpt from my firewalling rules (scripts.) You can use it by simply inserting your data in the places where I have variables: iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to 11.22.33.44 (if eth0 is your external interface and where 11.22.33.44 is your external IP.) >#> iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE The MASQUERADE target is for dynamic interfaces like ppp0. For static IPs you should use the above solution which I originally provided. >at which point I get the message: > >iptables: No chain/target/match by that name Hmmm, not sure why you receive this message. Any messages in syslog? Maybe you're simply missing the relevant modules? Have a look at http://netfilter.kernelnotes.org/ There you should find a tutorial about netfilter and its use. HTH, Ralf -- Verkaufe Original-BMW-Raeder: L I N U X .~. http://adsl-bergs.rz.rwth-aachen.de/~rabe The Choice /V\ of a GNU /( )\ Generation ^^-^^