/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! */
[EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
>
> eth0: ip address assigned by the DHCP server
> eth1: 10.0.0.1 Netmas 255.255.255.0 on all for 10.0.0.
> test1: (same as in the HOWTO)
> ipchains -P forward DENY
> ipchains -F forward -j MAS -s 10.0.0.0/255.255.255.0 -d 0.0.0.0/0
I'm hoping this is just a typo. And you mean "-A forward" and "-j MASQ".
If that's the case, then this should work just fine. If it doesn't,
then perhaps it's a simple case of having IP-forwarding turned off.
Try this:
cat /proc/sys/net/ipv4/ip_forward
If it says "0", that's the problem.
> ipchains -F forward -j MAS -s 10.0.0.0/255.255.255.0 -d 0.0.0.0/0 -P all -i eth1
Adding "-i eth1" is going to make things worse, because in "forward"
rules, the "-i" specifies the DESTINATION interface, not the source. So
you would want to give "eth0".
> Then I switched to ipfwadm, I knew this will not work, but I tried it
> anyways...
If IP-forwarding is turned off, nothing's going to work. :)
--
[EMAIL PROTECTED] (Fuzzy Fox) || "Just about every computer on the market
sometimes known as David DeSimone || today runs Unix, except the Mac (and
http://www.dallas.net/~fox/ || nobody cares about it). -- Bill Joy '85
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES
UNSUBSCRIBING!
or email to [EMAIL PROTECTED]
PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.
