Hello,

Here's the description of my problem.

Workstations inside my LAN have masqueraded access to the net. Most of the 
addresses can be accessed without any problem, but some of them can't be 
reached, yet our gateway can access them without any problem. Our gateway is 
directly connected to our ISP and implements our firewall rules.

Gateway runs Potato 2.2 with kernel 2.2.19. My workstation runs Woody, but the 
same problems occur on Windows workstations.

Examples of such addresses are:
www.admission.com
www.futureshop.ca
http://205.158.109.140/XFree86_40/1.0-2313/ (NVidia's drivers)
 +-> I can reach http://205.158.109.140/XFree86_40/, but can't access 
subdirectory /1.0-2313 from inside the LAN. Weird, isn't it?

I would guess these are three symptoms of the same problem. 
Does anyone have an idea what it might be?
The firewall script is listed at the end of this mail.

Thanks for the help!


Pat Mahoney, no 22


#! /bin/bash
#
echo 1 > /proc/sys/net/ipv4/ip_forward
## Flush everything, start from scratch
/sbin/ipchains -F input
/sbin/ipchains -F output
/sbin/ipchains -F forward
/sbin/ipchains -F my-chain
/sbin/ipchains -X my-chain

/sbin/depmod -a
/sbin/ipchains -A forward -s 192.168.1.0/24 -d 192.168.1.0/24 -j ACCEPT
/sbin/ipchains -A forward -s 192.168.1.0/24 -d 0.0.0.0/0 -j MASQ
/sbin/ipchains -A my-chain -p tcp -s 192.168.1.0/24 www -d 0.0.0.0/0 www -j ACCEPT
