On Tue, 20 Aug 2002, Hernan Brun wrote:
> Hi list! I have a problem.
> I´ve install redhat 7.3 with 2 int eth0 and eth1.
> When start load iptables modules. ip_tables , nat ,etc.
> but from a terminal machine (windows) cant work with Netscape or cant ping
> any ip.
> 192.168.0.2 /24 is the ip of windows machine.
> When I ping any host the error is Destination host unreachable.
> What is wrong??
> thanks in advance
> my external ip es 200.45.255.200
> my internal ip 192.168.0.1
>
> THANKS IN ADVANCE
> Hernan
>
> the iptables rules are:
> IPTABLES=/sbin/iptables
> /sbin/depmod -a
> /sbin/insmod ip_tables
> /sbin/insmod ip_conntrack
> /sbin/insmod ip_conntrack_ftp
> /sbin/insmod iptable_nat
> /sbin/insmod ip_nat_ftp
> echo "1" > /proc/sys/net/ipv4/ip_forward
> echo "1" > /proc/sys/net/ipv4/ip_dynaddr
> $IPTABLES -P INPUT ACCEPT
> $IPTABLES -F INPUT
> $IPTABLES -P OUTPUT ACCEPT
> $IPTABLES -F OUTPUT
> $IPTABLES -P FORWARD DROP
> $IPTABLES -F FORWARD
> $IPTABLES -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j
^^^^^^^^^^^^^^^
It looks like you've got your interfaces reversed, there.
> ACCEPT
> $IPTABLES -A FORWARD -i eth1 -o eth0 -j ACCEPT
> $IPTABLES -A FORWARD -j LOG
> $IPTABLES -t nat -A POSTROUTING -o eth0 -j MASQUERADE
For what it's worth, my forward rulles look like so:
$IPTABLES -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -p all -m state --state NEW -s 192.168.0.0/24 -j ACCEPT
with my MASQUERADE line looking just like yours.
Hope this helps.
--
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list
