$IPTABLES -A INPUT -p UDP -i $INET_IFACE -j udp_packets

Should be set up in the FORWARD chain, since the DNS request was not sent from the local machine itself.

$IPTABLES -A FORWARD -p UDP -i $INET_IFACE -j udp_packets

-----Original Message-----
From: DALive Editor [mailto:dalive@xxxxxxxxxxxxx]
Sent: Tuesday, September 23, 2003 3:48 PM
To: netfilter@xxxxxxxxxxxxxxxxxxx
Subject: Iptables router issue

Objective: To use a single Penguin box to do everything (at least for now). But more importantly, to route traffic to and from a private LAN to the internet, and to filter off open ports of the box.

Problem: When a DNS lookup to my client returns (my internet dynamic IP), as it should for my own domain, for some reason my firewall filters out the traffic, although it's to an open port and the firewall is supposed to accept all traffic from the LAN.

Host Setup: Kernel from the RH9 distribution and the latest version of iptables (have been having probs with setting up my own kernel).

Network Map:
eth0 -- 192.168.100.1 -- internal LAN's NIC
eth1 -- dynamic address -- internet's NIC

Additional Information: I have attached my firewall script as a .txt file.

Your assistance is much appreciated and anticipated. Thank you.
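
The chain choice made in the reply at the top of this thread, as an added example that is not part of either message: a simplified Python model of netfilter's routing decision, showing which of the two rules a returning DNS answer can reach. The addresses 203.0.113.7 and 192.168.100.20 are constructed, `$INET_IFACE` is assumed to be eth1, and the packet's destination is taken after PREROUTING, once connection tracking has undone any NAT.

```python
from dataclasses import dataclass

# Constructed sample addresses; eth0/eth1 roles follow the network map above.
LOCAL_ADDRS = {"192.168.100.1", "203.0.113.7"}  # firewall's own eth0 / eth1 IPs

@dataclass(frozen=True)
class Packet:
    proto: str
    in_iface: str
    dst: str  # destination after PREROUTING (assumption: NAT already reversed)

@dataclass(frozen=True)
class Rule:
    chain: str
    proto: str
    in_iface: str
    target: str

def chain_for(pkt):
    """Inbound packets for a local address traverse INPUT; routed ones FORWARD."""
    return "INPUT" if pkt.dst in LOCAL_ADDRS else "FORWARD"

def targets_hit(rules, pkt):
    """Targets of the rules the packet both reaches (right chain) and matches."""
    chain = chain_for(pkt)
    return [r.target for r in rules
            if r.chain == chain
            and r.proto == pkt.proto
            and r.in_iface == pkt.in_iface]

# The two rules from the reply, with $INET_IFACE assumed to be eth1.
INPUT_RULE = Rule("INPUT", "udp", "eth1", "udp_packets")
FORWARD_RULE = Rule("FORWARD", "udp", "eth1", "udp_packets")

# DNS answer returning to a LAN client (constructed address).
dns_reply_to_lan = Packet("udp", "eth1", "192.168.100.20")
# DNS answer to a query the firewall itself made.
dns_reply_to_fw = Packet("udp", "eth1", "203.0.113.7")

if __name__ == "__main__":
    for name, pkt in [("LAN client", dns_reply_to_lan),
                      ("firewall", dns_reply_to_fw)]:
        print(name, "->", chain_for(pkt),
              "| INPUT rule:", targets_hit([INPUT_RULE], pkt),
              "| FORWARD rule:", targets_hit([FORWARD_RULE], pkt))
```

On a live box, the per-rule packet counters shown by `iptables -L -v -n` give the same answer: the counter on the rule in the chain the traffic does not traverse stays at zero.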