> > FORWARD doesn't see those as destinated to 192.168.0.0/16, i guess. I'd > > rather use "state" module and write them as follows: > > > > iptables -A FORWARD -i eth0 -m state --state NEW,ESTABLISHED,RELATED \ > > -j ACCEPT > > > > iptables -A FORWARD -i eth1 -m state --state ESTABLISHED,RELATED \ > > -j ACCEPT > I got error: "iptables: No chain/target/match by that name".
You'll get this message if you don't have connection tracking enabled in the kernel (or if it is a module, the module hasn't been loaded). > I am newbie in such staff. > Is there anybody succeded with setting up home router with > http://www.gentoo.org/doc/en/home-router-howto.xml? Most of the googling you might do on this typically will point to a floppy-based distribution for setting up a router (because they are less concerned with a usable linux box as they are setting up a secure routing system). I know that o'reilly has a book on linux iptables (check out http://www.oreilly.com) which I found to be a great reference on setting up a complete set of iptables rules in conjunction with building a fully-functional linux system that also acts as a router/firewall. -- gentoo-user@gentoo.org mailing list
