On Thu, Nov 07, 2002 at 12:03:24PM -0200, Christoph Simon wrote...... > > I didn't read the start of the thread, but from what I'm seeing here, > you are missing some masquerading or source nat. First make sure, the > default policy of all enabled iptables is ACCEPT and not DROP (most > probably, it's OK). Then, you need to add an iptables-rule like: > > iptables -t nat -A POSTROUTING -s $LAN -o eth1 -j SNAT $IPE > > if you have a static external IP address, or just > > iptables -t nat -A POSTROUTING -s $LAN -o eth1 -j MASQUERADE > > assuming that LAN is something like 10.0.0.0/8 (your local network and > mask), eth1 is your external interface and IPE is the external IP you > have
I added everything you suggested per my setup, and I'm still not getting
packets through.
One other thing I've noticed is that if I 'ps aux|grep iptables' I don't
get anything but the grep back. Shouldn't iptables be running as a
process? With that in mind, I tried starting it with
'/etc/init.d/iptables start' but am given the err message:
sumida:/home/kosuke# /etc/init.d/iptables start
Aborting iptables load: unknown ruleset, "active".
Note that I try starting it 'after' having loaded the following from a
simple script:
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -F
iptables -F -t nat
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -t nat -A POSTROUTING -s ${LAN} -o eth1 -j MASQUERADE
where LAN is 10.0.0.0/8 (client is 10.10.10.156 and proxy box is
10.10.10.10).
Thanks again for the attention and help.
Kevin
--
Kevin Coyner
mailto: [EMAIL PROTECTED]
GnuPG key: 1024D/8CE11941
msg11586/pgp00000.pgp
Description: PGP signature
