Hi, I'm setting up a double network and a connection to the Internet. Configuration: capone || (192.168.127.100) | | (192.168.127.254) || bugsy====(cc1.cc2.cc3.123)--------(cc1.cc2.cc3.254)===Internet || (192.168.128.254) | | (192.168.128.201) || masters (net1 == utp == 192.168.127.*) (net2 == bnc == 192.168.128.*) I want masters and capone to see each other, and them to be able to reach the internet through masquerading. I set up following ipchains configuration on bugsy: ipchains -P forward ACCEPT ipchains -A forward -s capone -d bnc/24 ipchains -A forward -s masters -d utp/24 ipchains -A forward -s capone -j MASQ ipchains -A forward -s masters -j MASQ I'm now able to ping between masters and capone and they both can reach the internet, but when I do an ssh from masters to capone, close it down and reopen it, then capone responds last login from bugsy. Which makes me conclude NO forwarding is performed WITHOUT masquerading between capone and masters. Any explanation ? I also wanted to add some more security through the -i flag, but I wasn't able to perform this. The rule apparently was accepted, but then the packages didn't go through at all anymore... I tried ipchains -P forward ACCEPT ipchains -A forward -i eth0 -s capone -d bnc/24 ipchains -A forward -i eth1 -s masters -d utp/24 ipchains -A forward -i eth0 -s capone -j MASQ ipchains -A forward -i eth1 -s masters -j MASQ * Greetings from - Groetjes vanwege * Dieter Demerre ----- [EMAIL PROTECTED] http://www.angelfire.com/de/ddemerre/ pgp:[EMAIL PROTECTED]<-idap://certserver.pgp.com - To unsubscribe from this list: send the line "unsubscribe linux-net" in the body of a message to [EMAIL PROTECTED]
