Your config looks ok, but to double check, paste the output of:

    iptables -L -nv
    iptables -t nat -L -nv

to see the exact situation.

> OK, on machines at the internal side of my LAN, I can ping everywhere.
> But I can not use the browser with all addresses, for example I can't
> get to www.archlinux.org through firefox or midori, neither
> www.debian.org.
>
> Weird thing www.google.com, and some other sites can be reached
> through firefox on machines inside the LAN.

What's the error you are getting? Are you ping-ing by name or by an IP address? Have you tried ping-ing with different packet sizes?

On your gateway machine run tcpdump on both the LAN and ppp0 interface and see if the packets go through.

--
damjan