Dan Farrell schrieb: > On Mon, 10 Sep 2007 22:48:20 +0200 > Hans-Werner Hilse <[EMAIL PROTECTED]> wrote: > >> is on what computer? On the "server" (I guess it's the router) the >> last line would effectively prevent routing for the client (but I >> don't know why ICMP works...). I would suggest starting without it >> and then setting up proper rules -- and then setting the chain's >> policy to DROP (plus some REJECT rules for proper answers). > > I agree, I thought your firewall rules were a little wacky too. These > rules only route to one host. generally you'd want to route to a whole > network, not just one host. > >> (but I don't know why ICMP works...). >
Well, as I've written, they aren't "my" rules. I just copied and pasted them. I know just as much about iptables as I know about cars. I know the theory, I've seen the building process from like 10 meters distance and I use finished product. I'd really appreciate if you could post the correct settings or config file(s). -- [EMAIL PROTECTED] mailing list