>> #setup NAT
>> iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
>>
>> #forward chain
>>
>> #syn flood limiting
>> iptables -A FORWARD -p tcp --syn -m limit --limit 1/s -j ACCEPT
>> iptables -A FORWARD -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit 1/s -j ACCEPT
>>
>> #enable ip forwarding
>> echo 1 > /proc/sys/net/ipv4/ip_forward

> This is the relevant portion. Except for the fact that the limits
> are too tight everything else looks good. What is the default
> policy of the FORWARD chain?
> Ramin

I have no default policy for FORWARD. The friend from whom I received these rulesets informs me it isn't needed. He uses a carbon copy of the same rules, with no problems.

Tyler
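
Added example, not part of either poster's message: a packet over the `-m limit` rate simply fails to match that ACCEPT rule and falls through to the chain policy, and a built-in chain whose policy was never set is at ACCEPT. The check below reads `iptables -S FORWARD` style output and reports whether the limit rules can actually restrict anything; the function name `audit_forward` and both sample listings are constructed for illustration.

```shell
#!/bin/sh
# Audit `iptables -S FORWARD` output read from stdin.
# Prints: policy=<P> limit_accepts=<n> enforced=<yes|no>
# "enforced" is a heuristic: rate-limited ACCEPT rules only restrict traffic
# when over-limit packets reach a DROP policy or a later DROP/REJECT rule.
audit_forward() {
    awk '
        $1 == "-P" && $2 == "FORWARD" { policy = $3 }
        $1 == "-A" && $2 == "FORWARD" {
            target = ""
            for (i = 3; i < NF; i++) if ($i == "-j") target = $(i + 1)
            if (target == "ACCEPT" && $0 ~ /-m limit/) {
                limits++; seen_limit = 1
            } else if (seen_limit && (target == "DROP" || target == "REJECT")) {
                later_drop = 1
            }
        }
        END {
            enforced = (limits > 0 && (policy == "DROP" || later_drop)) ? "yes" : "no"
            printf "policy=%s limit_accepts=%d enforced=%s\n", policy, limits, enforced
        }'
}

# Constructed sample: the quoted FORWARD rules as `iptables -S FORWARD` would
# list them when no policy was ever set on the chain.
SAMPLE_AS_POSTED='-P FORWARD ACCEPT
-A FORWARD -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m limit --limit 1/sec -j ACCEPT
-A FORWARD -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK RST -m limit --limit 1/sec -j ACCEPT'

# Constructed sample: same limit rules behind a DROP policy, with established
# connections accepted so that only new SYNs and RSTs are rate limited.
SAMPLE_WITH_DROP='-P FORWARD DROP
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m limit --limit 1/sec -j ACCEPT
-A FORWARD -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK RST -m limit --limit 1/sec -j ACCEPT'

printf '%s\n' "$SAMPLE_AS_POSTED" | audit_forward
printf '%s\n' "$SAMPLE_WITH_DROP" | audit_forward
```

On a live gateway the same function can be fed directly with `iptables -S FORWARD | audit_forward` (root required).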
