On Fri, Aug 08, 2014 at 08:24:11PM +0200, Nemeth Gyorgy wrote: > 2014-08-08 09:04 keltez?ssel, Mike McClain ?rta: > > I've been trying to get my hand rolled iptables firewall to > > masquerade traffic on the LAN to/from a Win2K box. I've gotten it to > > the point that I can ping from the boxes both ways, smbclient can move > > files both ways and the Win2K box can ping Google's IP address but DNS > > lookup fails even though I've used the same DNS server in the Win2K > > box as on my Debian box which access the Inet via dialup. IE says > > "Cannot find server or DNS error." < <snip> >
> It's a rather complicated, sometimes overcomplicated script. But some > rules are missing and/or not in the correct order. I've little doubt you are correct, admittedly I'm flailing a bit. Trying this and that with little luck. I'd appreciate it if you'ld be a little more explicit as to what's missing and out of order. I'm running no external services. > To keep things more simple I suggest to do a minimal script and you can > make it more complicated later. <snip> I did exactly as you suggested, implimenting a minimalist set of rules, only the 5 you mentioned and saw improvement. now the Win2K box can ping google.com and get a reply but IE still can't connect to Google.com nor several other sites I tried, still reporting, "Cannot find server or DNS error." Thanks for your help. Any further suggestions? Mike -- "Imagination is looking at a dot in the sky and seeing it as another world is looking at the world and seeing it as as just a dot in the sky. is seeing a garden in the galaxy Is seeing a galaxy in the garden." - Jon Lomberg, space artist and journalist.. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140809234918.GD11824@playground