Eugen A. Onoi wrote:
> I tried to configure IP Masq using kernel 2.2.2 and ipchains 1.3.8
> kernel built with masq support and this ipchains settings:
> ipchains -P forward DENY
> ipchains -A forward -j MASQ -s 192.168.0.0/24 -d 0.0.0.0/0
> but this doesn't work for me :(
>
> with 2.0.36 kernel and ipfwadm all was fine
> Can anyone explain me what I'm doing wrong ?
Not offhand. However, a useful technique for debugging firewall rules
which seem to block too much traffic is to add a catch-all logging
rule to the end of the list, e.g.
ipchains -A forward -j DENY -l
This will log all of the packets which fail to match any other rule,
and so would be subject to the policy (-P) setting.
--
Glynn Clements <[EMAIL PROTECTED]>
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
