Hi.

This is probably a configuration problem, but I'm not sure. It seems strange.

I have a home LAN using the 192.168.0.0/24 addresses behind a firewall machine using NAT. The NAT works just fine, it seems to be able to keep track of connections, even replies to UDP packets are handled correctly. However, replies to packets sent from the machine itself, not using NAT, are blocked by the packet filter. This is of course very inconvenient, as I can't do anything from this computer that talks to the internet.

I can't figure out what's wrong. I'm using kernel 2.4.10. Perhaps this is a bug that has since been fixed? I hope this is an appropriate place to ask this.

$outaddr is the outside address.

#iptables -t filter -L -n
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  192.168.0.0/24       0.0.0.0/0
ACCEPT     all  --  0.0.0.0              0.0.0.0/0          # I put this in to allow dhcp requests.
LD         all  --  0.0.0.0/0            0.0.0.0/0

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain LD (1 references)
target     prot opt source               destination
LOG        all  --  0.0.0.0/0            0.0.0.0/0          LOG flags 0 level 4
DROP       all  --  0.0.0.0/0            0.0.0.0/0

#iptables -t nat -L -n
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy DROP)
target     prot opt source               destination
SNAT       all  --  192.168.0.0/24       0.0.0.0/0          to:$outaddr
ACCEPT     all  --  $outaddr             0.0.0.0/0

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
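
An added example, not part of the original post: a small Python model of the filter table listed above, tracing which chain a reply packet traverses and what verdict it gets. Assumptions: 203.0.113.10 stands in for $outaddr, the remote addresses are constructed, connection tracking is simplified to a lookup by remote address, and the hypothetical state_rule flag models an "iptables -I INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT" rule that is not in the posted ruleset.

```python
import ipaddress

OUTADDR = "203.0.113.10"   # constructed stand-in for $outaddr
INPUT_RULES = [            # filter/INPUT as listed in the post, in order
    ("192.168.0.0/24", "ACCEPT"),
    ("0.0.0.0/32", "ACCEPT"),    # the DHCP rule
    ("0.0.0.0/0", "DROP"),       # jump to LD: LOG, then DROP
]
FORWARD_POLICY = "ACCEPT"        # filter/FORWARD has no rules, policy ACCEPT


def track(conntrack, src, dst):
    """Record an outgoing connection: later packets from dst are replies to src."""
    conntrack[dst] = src


def verdict(conntrack, src, dst, state_rule=False):
    """Return (chain, target) for an incoming packet src -> dst."""
    orig = conntrack.get(src)              # is this a reply to a tracked connection?
    if dst == OUTADDR and orig not in (None, OUTADDR):
        dst = orig                         # SNAT is undone before routing
    if dst != OUTADDR:
        return ("FORWARD", FORWARD_POLICY) # routed onward, never enters INPUT
    if state_rule and orig is not None:
        return ("INPUT", "ACCEPT")         # assumed ESTABLISHED,RELATED rule
    for net, target in INPUT_RULES:
        if ipaddress.ip_address(src) in ipaddress.ip_network(net):
            return ("INPUT", target)
    return ("INPUT", "DROP")               # chain policy


def demo():
    ct = {}
    track(ct, "192.168.0.5", "198.51.100.7")   # LAN host, leaves through SNAT
    track(ct, OUTADDR, "198.51.100.9")         # connection from the firewall itself
    return {
        "nat_reply": verdict(ct, "198.51.100.7", OUTADDR),
        "local_reply": verdict(ct, "198.51.100.9", OUTADDR),
        "local_reply_stateful": verdict(ct, "198.51.100.9", OUTADDR, state_rule=True),
        "unsolicited_stateful": verdict(ct, "198.51.100.200", OUTADDR, state_rule=True),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

In this model the reply to a NATed LAN connection is handled by FORWARD, while the reply to the firewall's own connection is matched only by the LD jump in INPUT; with the assumed state rule it is accepted and unsolicited traffic is still dropped.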