> computers on my LAN to gateway to the internet via my Linux Modem. My You use a modem, so I guess you have aa ppp internet interface and a dynamic IP address. That's why we'll be using MASQUERADE. Otherwise use SNAT. > my lan which will fall in the ip range of 192.168.168.0/24. # First disable forwarding so that nothing will happen before your rules are set. echo 0 > /proc/sys/net/ipv4/ip_forward # Forward packets coming from your LAN to internet, DROP everything else. # When not specifying a table, the filter table is assumed. iptables -P FORWARD DROP iptables -A FORWARD -i <if_lan> -o <if_inet> -s 192.168.168.0/24 -j ACCEPT iptables -t nat -A POSTROUTING -o <if_inet> -s 192.168.168.0/24 -j MASQUERADE # Enable forwarding. echo 1 > /proc/sys/net/ipv4/ip_forward Gr, Rob
