Wouldnt setting all policies to ACCEPT mean a secure risk? How do I know if Nat is enabled. When I type lsmod I found NAt whith no additiona info ie autoclean used or unused.
--- Alexey Fadyushin <[EMAIL PROTECTED]> skrev: > I think that you should set all three policies in all tables to > ACCEPT. > Of course, you could use any other policies if you have added > specific > rules in the tables which will be used instead of the default > policies > for > the paxckets on you network. > > Also, if you are using NAT between LAN and ADSL, add the rule similar > to > the following rule into the table 'nat': > > iptables -t nat -A POSTROUTING -s 192.168.3.0/255.255.255.0 -j SNAT > --to-source x.x.x.x > > where x.x.x.x is the address of the external inteface of you router > (ADSL line). > > Alexey Fadyushin > Brainbench MVP for Linux. > http://www.brainbench.com > > > Saul Arias wrote: > > > > At 04:35 AM 30-08-02, Knut Ove Hauge wrote: > > >I have just installed iptables as a replacement for ipchains in my > rh > > >7.2 system. I downloaded a shell script with the rules but I cant > > >access internet nor from my linuze or windoze client. > > >I use eth1 for my adsl line and eth0 (ip address 192.168.0.1) for > my > > >lan card. The windoze has ip address 192.168.0.3. > > >I have enabled ip forwarding and can flush the rules in iptables > in the > > >beginning of the script. The input policy is set to DROP while the > > >other two is set to accept. > > >I cant ping any machines nor external or internal. > > >I'am new to iptables so I need some help on setting it up. > > > > Can you ping from the Linux box to, say, www.yahoo.com? > > Can you ping from the Linux box to 192.168.0.3? > > > > Can you do the pings above with iptables shut down? > > > > Can we see your script? > > > > -- > > Saul Arias <[EMAIL PROTECTED]> > > > > -- > > redhat-list mailing list > > unsubscribe > mailto:[EMAIL PROTECTED]?subject=unsubscribe > > https://listman.redhat.com/mailman/listinfo/redhat-list > > > > -- > redhat-list mailing list > unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe > https://listman.redhat.com/mailman/listinfo/redhat-list ===== Investigating the Norwegain 4.th Secret Service The multiheaded beast. http://hjem.sol.no/altiett/knut_ove_hauge_kuren.htm ______________________________________________________ Se den nye Yahoo! Mail på http://no.yahoo.com/ Nytt design, enklere å bruke, alltid tilgang til Adressebok, Kalender og Notisbok -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
