Hans-Werner Hilse schrieb: > Hi, > > On Mon, 10 Sep 2007 20:59:03 +0200 > Florian Philipp <[EMAIL PROTECTED]> wrote: > >> I'll attach relevant ifconfig, route and iptables -L output. > > Hm, OK. This: > ----snip---- > Chain FORWARD (policy ACCEPT) > target prot opt source destination > ACCEPT all -- 10.8.0.1 anywhere > ACCEPT all -- anywhere 10.8.0.1 > DROP all -- !10.8.0.1 anywhere > ----snip---- > > is on what computer? On the "server" (I guess it's the router) the last > line would effectively prevent routing for the client (but I don't know > why ICMP works...). I would suggest starting without it and then > setting up proper rules -- and then setting the chain's policy to DROP > (plus some REJECT rules for proper answers). > > Dan's hint is also worth investigating. > BTW: use route/ifconfig/netstat/iptables' "-n" switch to make analysis > easier! > > -hwh
I followed the howto's nomenclature of "server" and "client". I'm a bit puzzled right now. Is there anything essentially wrong with the howto ( http://gentoo-wiki.com/HOWTO_quick_routing )? I followed it word by word. The drop rule is explained as "#prevent others ip from conecting to my eth0" -- [EMAIL PROTECTED] mailing list
