Am 08.03.2012 16:16, schrieb nullv@xxxxxxx: > for some reason I can't make a connection to the external mail > server from inside the lan. even from the 10.0.0.3 address which > should be allowed to do anything. everything used to work when i > used MASQUERADing but stopped once i switched to SNAT. Can anybody > help me? What am I doing wrong?? what you are doing wrong is change working things the following works perfectly (eth1: WAN, eth0: LAN) iptables -t filter -P INPUT ACCEPT iptables -t filter -P FORWARD ACCEPT iptables -t filter -P OUTPUT ACCEPT iptables -t nat -P PREROUTING ACCEPT iptables -t nat -P POSTROUTING ACCEPT iptables -A FORWARD -i eth1 -d 192.168.1.0/24 -j ACCEPT ipatbles -A POSTROUTING -t nat -s 192.168.1.0/24 -o eth1 -j MASQUERADE ________________________ what is this???????????????????????? -A INPUT -i eth1 -j ACCEPT you do not really want input independent of the state iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
Attachment:
signature.asc
Description: OpenPGP digital signature
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
