On Saturday 26 October 2002 10:16 pm, Irvan Adrian Kristiono wrote: > iptables -t nat -A POSTROUTING -s 192.168.15.0/24 -o > eth0 -j SNAT --to-source myinternetip Is that your complete ruleset ? You have *no* other rules ? > when i try to browse from my workstation which at 192.168.15.0/24 > it cannot find any page.. so i try ping command to yahoo.com > IP, and get the reply. When you "try to browse from your workstation" is that machine able to resolve the name to an IP address or not ? When you try pinging to yahoo.com and get a reply is that also from the workstation, or from the firewall ? Tell us: 1. The output of iptables -L -n -v 2. The routing table on your firewall (route -n) 3. Whether the firewall can resolve names (ping www.netfilter.org - doesn't matter whether you get a reply; does it resolve the IP address ?) 4. Whether the workstation can resolve names (ping www.samba.org - doesn't matter whether you get a reply; does it resolve the IP address ?) Antony. -- How I want a drink, alcoholic of course, after the heavy chapters involving quantum mechanics. - 3.14159265358979
