<snip> >> [EMAIL PROTECTED] [2] ~]# netstat -nr >> Kernel IP routing table >> Destination Gateway Genmask Flags MSS Window irtt >> Iface >> 192.168.5.0 0.0.0.0 255.255.255.0 U 0 0 0 eth4 >> 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth5 >> 192.168.10.0 0.0.0.0 255.255.255.0 U 0 0 0 eth6 >> 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth6 >> >> [EMAIL PROTECTED] [5] ~]# iptables -L -n -v >> Chain INPUT (policy ACCEPT 1758 packets, 182K bytes) >> pkts bytes target prot opt in out source >> destination >> >> Chain FORWARD (policy ACCEPT 89 packets, 6036 bytes) >> pkts bytes target prot opt in out source >> destination >> >> Chain OUTPUT (policy ACCEPT 600 packets, 69134 bytes) >> pkts bytes target prot opt in out source >> destination >> [EMAIL PROTECTED] [6] ~]# iptables -L -n -v -t nat >> Chain PREROUTING (policy ACCEPT 1006 packets, 135K bytes) >> pkts bytes target prot opt in out source >> destination >> >> Chain POSTROUTING (policy ACCEPT 92 packets, 6288 bytes) >> pkts bytes target prot opt in out source >> destination >> >> Chain OUTPUT (policy ACCEPT 4 packets, 312 bytes) >> pkts bytes target prot opt in out source >> destination >> [EMAIL PROTECTED] [7] ~]# iptables -L -n -v -t nat -t mangle >> Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes) >> pkts bytes target prot opt in out source >> destination >> >> Chain INPUT (policy ACCEPT 0 packets, 0 bytes) >> pkts bytes target prot opt in out source >> destination >> >> Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) >> pkts bytes target prot opt in out source >> destination >> >> Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) >> pkts bytes target prot opt in out source >> destination >> >> Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes) >> pkts bytes target prot opt in out source >> destination >> </snip>
1) there is no default gateway entered in your netstat -nr command. Gateway 0.0.0.0 is missing in your routing table. So, where do you expect to go your traffic to? 2) you need the appropiate entries for accepting connections with iptables. just setting the ip.forward.v4 param is not that enough (IMHO). Use system-config-firewall: - set the NIC you want to accept connection as a trusted device (for test purposes now) - add a forward rule to the nic, you want to to forward, such as : iptables -A FORWARD -i [NIC_TO_FORWARD] -j ACCEPT Try, then you should see using iptables -L -v some traffic on the NIC and in the FORWARD state. HTH Roger -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines