[plug] routing problem
proXy
davyd at iprimus.com.au
Thu Aug 8 22:46:29 WST 2002
On Thu, 2002-08-08 at 22:54, Jon Miller wrote:
> Cannot route from workstation out to Internet, can route from server. default gw is okay can ping server.
Is it routing or DNS?
Assuming it's routing, have you set your iptables correctly?
Something like:
iptables -P FORWARD DROP
iptables -A FORWARD -i $internal_if -o $external_if -j ACCEPT
iptables -A FORWARD -i $external_if -o $internal_if -m state --state
RELATED,ESTABLISHED -j ACCEPT
# and optional
iptables -A FORWARD -j LOG
Should be suitable to do basic masqurading.
Also, ensure that /proc/sys/net/ipv4/ip_forward is set to 1
ie: echo "1" > /proc/sys/net/ipv4/ip_forward
In debian you can set this permanantly (so it is still set to 1 on a
reboot) in /etc/network/options
Hope this helps
--proXy
--
http://davyd.ucc.asn.au/
linux.conf.au Perth 2003 <http://www.linux.conf.au>
PGP Fingerprint <http://davyd.ucc.asn.au/pgp>
08B0 341A 0B9B 08BB 2118 C060 2EDD BB4F 5191 6CDA
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 232 bytes
Desc: This is a digitally signed message part
URL: <http://lists.plug.org.au/pipermail/plug/attachments/20020808/5fa7f2d9/attachment.pgp>
More information about the plug
mailing list