"Scott C. Best" wrote: > > Eyal: > Heya. The problem adding some ACCEPT rules to allow > one address to work, though, is that these rules must be > inserted into the ipchains input chain *before* the rule > which DENY's the whole range. Else the packet will be dropped > before it gets to the forward chain.
[trimmed] > Eyal wrote: > > If so then I prefered to not open the whole range, but instead > > open just the one IP where the modem http server sits. I chenged > > the end of my /etc/ipfilter.conf by adding the following last > > section. The Alcatel SpeedTouch Home uses the 10.0.0.138 address, > > find out what yours uses. Note the "1" below which means "insert at top": > > $IPCH -I forward 1 -j MASQ -p tcp \ > > -s $NET -d $ADSL_SERVER_IP www -i eth0 -- Eyal Lebedinsky ([EMAIL PROTECTED]) <http://samba.org/eyal/> ------------------------------------------------------- This sf.net email is sponsored by: Jabber - The world's fastest growing real-time communications platform! Don't just IM. Build it in! http://www.jabber.com/osdn/xim ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
