> Hi,
> stupid question but has the inside machine got a default gateway to the firewall?
Last time I checked the default gateway was set to the firewall.
> Have you also tried running tcpdump with the command: tcpdump -x port 3389 and host public_ip
> to check the traffic and the direction all of it is going to and from?
tcpdump is broken on this box, ARGH.
But I double checked to see if I could connect to the firewalled box while I was connected to the firewall, and I could. As soon as I add rules to allow traffic on the INPUT and OUTPUT chains from and to the firewalled box, I can connect from the firewall to the firewalled box using FTP or WWW, but not through the firewall.
TIA,
B.
____________________________________________
George Vieira
Systems Manager
georgev@xxxxxxxxxxxxxxxxxxxxxx
Citadel Computer Systems Pty Ltd
http://www.citadelcomputer.com.au

-----Original Message-----
From: B. van Ouwerkerk [mailto:bvo@xxxxxx]
Sent: Thursday, May 22, 2003 7:34 AM
To: netfilter@xxxxxxxxxxxxxxxxxxx
Subject: Re: nat no traffic returns
> > iptables -P FORWARD DROP
>
> You are only allowing packets through the forward chain in the direction
> eth1->eth0.
> There is no packet allowed in the other direction.
> iptables -A FORWARD -i eth0 -o eth1 -d 10.0.0.112 -m multiport --dport 3389,21,80 -m state --state NEW -j ACCEPT
> iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
Thank you for your reply, you are right, but it didn't help.
Been looking a bit further, again. iptables -v -L shows that packets are forwarded to eth1; on eth1 I notice that the TX bytes are increasing but the RX bytes stay at the same value. Would it be correct to assume this is not an iptables issue but an issue with the box behind the Linux box?
TIA,
B.
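An added example, not part of the thread: the forwarding setup the replies describe (DNAT plus a stateful FORWARD chain) as a script, with a small check for the symptom in the last message (TX bytes growing on eth1 while RX stays flat). PUBLIC_IP and the interface names are assumptions; the /proc/net/dev counters used to exercise the check are constructed.

```bash
#!/bin/bash
# Added example (not from the thread): port-forward to an inside host.
# Assumptions: eth0 faces the public side, eth1 the inside network, the inside
# host is 10.0.0.112 (from the thread), PUBLIC_IP is a placeholder.
PUBLIC_IP="${PUBLIC_IP:-203.0.113.10}"
INSIDE="10.0.0.112"
WAN="eth0"
LAN="eth1"
PORTS="3389,21,80"

# With DRY_RUN=1 the iptables commands are printed instead of executed.
ipt() { if [ "${DRY_RUN:-0}" = 1 ]; then echo "iptables $*"; else iptables "$@"; fi; }

forward_rules() {
    ipt -P FORWARD DROP
    # Rewrite the public destination to the inside host for the forwarded ports.
    ipt -t nat -A PREROUTING -i "$WAN" -d "$PUBLIC_IP" -p tcp -m multiport --dports "$PORTS" \
        -j DNAT --to-destination "$INSIDE"
    # New connections from outside to the inside host, forwarded ports only.
    ipt -A FORWARD -i "$WAN" -o "$LAN" -d "$INSIDE" -p tcp -m multiport --dports "$PORTS" \
        -m state --state NEW -j ACCEPT
    # Replies in either direction; without this rule return packets hit the DROP policy.
    ipt -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
    # The inside host must route its replies back through this box (its default
    # gateway), otherwise the FORWARD chain never sees them and eth1 RX stays flat.
}

# Compare two /proc/net/dev lines for the inside interface (after the colon:
# RX bytes = field 2, TX bytes = field 10). Returns 1 when TX grew but RX did
# not, i.e. packets leave towards the inside host and nothing comes back.
check_return_traffic() {
    local before="$1" after="$2" rx0 tx0 rx1 tx1
    set -- $(printf '%s' "$before" | tr ':' ' ')
    rx0=$2; tx0=${10}
    set -- $(printf '%s' "$after" | tr ':' ' ')
    rx1=$2; tx1=${10}
    if [ "$tx1" -gt "$tx0" ] && [ "$rx1" -le "$rx0" ]; then
        echo "$1: TX grew ($tx0 -> $tx1) but RX stayed at $rx0: no replies from the inside host"
        return 1
    fi
    echo "$1: both directions moving (RX +$((rx1 - rx0)), TX +$((tx1 - tx0)))"
}
```

Run `DRY_RUN=1 forward_rules` to review the rules before applying them, and feed `check_return_traffic` two `grep eth1 /proc/net/dev` lines taken a few seconds apart while a client is connecting.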