On Sunday 06 October 2002 5:40 pm, Antony Stone wrote: > On Sunday 06 October 2002 11:21 pm, Nuitari wrote: > > On Sat, 5 Oct 2002, Antony Stone wrote: > > > Show us the rest of your rules. > > > > iptables -P FORWARD ACCEPT > > Ugh :-( Horrible. PS: I forgot to mention in my previous reply that by the time I got to the bottom of your ruleset, I hadn't seen a single DROP or REJECT rule, therefore your "Firewall" is not blocking anything :-) With a default ACCEPT policy explicitly set on the FORWARD chain, and without changing the implicit default ACCEPT policy on the INPUT and OUTPUT chains, your netfilter rules are not actually doing anything at all, except for the address translation :-) Antony. -- There are two possible outcomes. If the result confirms the hypothesis, then you've made a measurement. If the result is contrary to the hypothesis, then you've made a discovery. - Enrico Fermi
