On Sun, 6 Oct 2002, Antony Stone wrote: > On Sunday 06 October 2002 5:40 pm, Antony Stone wrote: > > > On Sunday 06 October 2002 11:21 pm, Nuitari wrote: > > > On Sat, 5 Oct 2002, Antony Stone wrote: > > > > Show us the rest of your rules. > > > > > > iptables -P FORWARD ACCEPT > > > > Ugh :-( Horrible. > > PS: I forgot to mention in my previous reply that by the time I got to the > bottom of your ruleset, I hadn't seen a single DROP or REJECT rule, therefore > your "Firewall" is not blocking anything :-) > > With a default ACCEPT policy explicitly set on the FORWARD chain, and without > changing the implicit default ACCEPT policy on the INPUT and OUTPUT chains, > your netfilter rules are not actually doing anything at all, except for the > address translation :-) > > Antony. > > I know that I need to change it, but it still doesn't solve the counting problem. Btw, I didn't get your previous reply, can you cc it to me ?
