Hello! I found out that when I run the iptables rules below:

#!/bin/bash

IPTABLES='/sbin/iptables'

# Set interface values
EXTIF='eth1'
INTIF1='eth0'

# enable ip forwarding in the kernel
/bin/echo 1 > /proc/sys/net/ipv4/ip_forward

# flush rules and delete chains
$IPTABLES -F
$IPTABLES -X

# enable masquerading to allow LAN internet access
$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE

# forward LAN traffic from $INTIF1 to Internet interface $EXTIF
$IPTABLES -A FORWARD -i $INTIF1 -o $EXTIF -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

#echo -e " - Allowing access to the SSH server"
$IPTABLES -A INPUT --protocol tcp --dport 22 -j ACCEPT

#echo -e " - Allowing access to the HTTP server"
#$IPTABLES -A INPUT --protocol tcp --dport 80 -j ACCEPT

$IPTABLES -I INPUT --protocol tcp --dport smtp -i $INTIF1 -j REJECT

-------

the IP address of the NIC connected to the modem cannot be pinged. But I don't set any restriction for ICMP??? In this case I don't use an rp-pppoe connection. The ADSL modem internally has two interfaces, LAN and WAN. The modem has its own static IP, and the NIC also has a static IP:

modem ip xxx.xxx.xxx.157
modem wan ip xxx.xxx.xxx.71
eth connected with modem xxx.xxx.xxx.158

askar
--
gentoo-user@gentoo.org mailing list