Jose, You show your filters (iptables -t filter -nL), but you don't show your NAT tables. You should probably be using NAT/masquerading on this machine, since it connects an RFC1918 network (172.16.0.0/xx) to the Internet. Check the netfilter list, archives, and HOWTOs--LARTC isn't the right forum for your question. http://www.netfilter.org/documentation/HOWTO//packet-filtering-HOWTO.html http://iptables-tutorial.frozentux.net/ Nonetheless, you probably want to do something like this: # iptables -t nat -A POSTROUTING -o $OUTSIDE_INTERFACE -j SNAT \ > --to-source x.y.z.8 Good luck, -Martin : Hi all, : : I'm new to iproute2 and iptables. It's a very simple topology: : : world--a.b.c.d--|router|--x.y.z.10--x.y.z.8--|linux+iptables| : | : 172.16.0.1 : | : / \ : / HUB : linux1=172.16.0.200 : : I can ping x.y.z.8 from privite net linux1 or $windows but not : the router interface x.y.z.10. : Here are my settings: : -- Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
