Pfui! The ipchains rules you've specified look okay (except for a minor
error that I assume is just a typo in the e-mail -- "/sbin/ipchains -p
forward DENY" should be "/sbin/ipchains -P forward DENY" -- case counts).
You might want to check what actual ipchains rules are running, with the
command "ipchains -L", to see if anything else has slipped in. Beyond that,
the only option I see is to run a packet sniffer on the external interface
and see what goes in and out.
Sorry I can't be of more help.
At 04:02 PM 1/14/00 -0500, Leandro Asnaghi-Nicastro wrote [in part]:
>Hello Ray,
>> 1. Please do send a copy of the ipchains rules. They are
>> tricky things, and just having another set of eyeballs on them
>> might help.
>
>As far as I can tell, NTP, FTP, POP3, telnet, and SMTP all work.
>HTTP and NNTP don't work from the machines behind the linux
>box; however, they work from the linux box.
>
>/sbin/depmod -a
>/sbin/modprobe ip_masq_ftp
>
>/sbin/ipchains -M -S 7200 10 160
>/sbin/ipchains -p forward DENY
>/sbin/ipchains -A forward -s 10.1.2.0/24 -j MASQ
>
[rest of Q&A deleted]
------------------------------------"Never tell me the odds!"---
Ray Olszewski -- Han Solo
Palo Alto, CA [EMAIL PROTECTED]
----------------------------------------------------------------
