I am using the following setup:
Internet
|
Cable Modem
|
| -- Firewall: eth0 (IP assigned by DHCP)
|
Firewall
|
| -- Firewall: eth1 (static: 192.168.0.254)
|
.... Null Ethernet Cable ....
|
| -- Workstation: eth0 (static: 192.168.0.1)
|
Workstation
>From the firewall, I can ping the workstation and I can get full access to the
Internet. From the workstation, I can ping the firewall and I can ping
66.218.71.84 (yahoo) but I can't get Mozilla to work. I have attached my
iptables rules.
Any ideas?
...Stephen
# Generated by iptables-save v1.2.4 on Fri May 26 14:19:36 1995
*nat
:PREROUTING ACCEPT [519:42839]
:POSTROUTING ACCEPT [237:15567]
:OUTPUT ACCEPT [236:15705]
[93:7041] -A POSTROUTING -s 192.168.0.0/255.255.255.0 -o eth0 -j MASQUERADE
COMMIT
# Completed on Fri May 26 14:19:36 1995
# Generated by iptables-save v1.2.4 on Fri May 26 14:19:36 1995
*filter
:INPUT DROP [224:19779]
:FORWARD DROP [188:12590]
:OUTPUT ACCEPT [1434:107304]
:tcprules - [0:0]
[500:52099] -A INPUT -j tcprules
[556:47547] -A FORWARD -j tcprules
[805:74775] -A tcprules -i eth+ -j LOG --log-prefix "Received Packet: "
[370:39943] -A tcprules -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
[11:953] -A tcprules -i ! eth0 -j ACCEPT
[90:13372] -A tcprules -i eth0 -j LOG --log-prefix "Dropped: "
[90:13372] -A tcprules -i eth0 -m state --state INVALID,NEW -j DROP
COMMIT
# Completed on Fri May 26 14:19:36 1995
