> > The HOWTO suggested I should try something like > > > > ipfwadm -F -p deny (setting 'deny' as the default rule) > > ipfwadm -F -a masquerade -P tcp 192.168.0.0/255.255.0.0 -D 0.0.0.0/0 > ^^^^^^^^^^^ > is there a typo here or you're using the entire range from 192.168.0 to > 192.168.255. If you're using one C class (192.168.0.0), your mask should > be 255.255.255.0 (or 192.168.0.0/24).
Nope... we have at least four C classes from that router (192.168.10.0, 192.168.11.0, 193.160.12.0, 192.168.13.0), so I decided to try the more general approach just to make things easier... I'll try to follow some of the other suggestions, though, just to make the setup 'cleaner' (I think that specially using the '-W eth# should make the whole setting match my needs, allowing ONLY calls from the internal networks to be masqueraded... ;-) > Just curious: você não está utilizando o potato? Kernel 2.3.x? Por que não > utiliza o ipchains? (sorry all others :) No, potato & kernel 2.3.x are in my personal machine... the router has a much more 'conservative' setup ;-) Thanks for your support, everybody!!! Guilherme Zahn
