RE: help with routing/firewall


 



> Simple configuration. 
> eth0 internet
> eth1 local net
> Everything accepted from eth1, nothing from eth0, 
> traffic from eth1 is routed to internet.
> IP forwarding is enabled.
> From local net I can ping eth1 and eth0 (that means 
> machine is routing packets), but I can't go outside 
> eth0. Same happens when there is no firewall. What's 
> the problem with routing?
> What commands can I use to monitor what is happening 
> with packets?

So what do your masq/snat rules look like?

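Should be something like:
# Stop forwarding while the rules are loaded
(echo "0" > /proc/sys/net/ipv4/ip_forward)
# Forward nothing unless a rule below accepts it
iptables -P FORWARD DROP
# Local net may go out to the internet
iptables -A FORWARD -i eth1 -o eth0 -s <local_net> \
    -j ACCEPT
# Replies must be let back in, or the DROP policy discards them
iptables -A FORWARD -i eth0 -o eth1 \
    -m state --state ESTABLISHED,RELATED -j ACCEPT
# Rewrite the source address on the way out: SNAT ...
iptables -t nat -A POSTROUTING -o eth0 -s <local_net> \
    -j SNAT --to-source <inet_ip>
# ** OR ** MASQUERADE (use one of the two, not both):
# iptables -t nat -A POSTROUTING -o eth0 -s <local_net> \
#     -j MASQUERADE
# Turn forwarding back on
(echo "1" > /proc/sys/net/ipv4/ip_forward)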

Gr,
Rob
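
Added example (not part of the original message): a shell function that audits an `iptables-save` dump for the pieces a NAT gateway like the one in this thread needs, namely ip_forward set to 1, the eth1 to eth0 FORWARD accept, an ESTABLISHED accept for replies when the FORWARD policy is not ACCEPT, and SNAT or MASQUERADE on the outside interface. The function names, the sample dump and the 192.168.1.0/24 network are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit an iptables-save dump for what a NAT gateway needs.
# check_gateway <dump> <lan_if> <wan_if> [ip_forward_file]
# Prints one line per missing piece; returns 0 when nothing is missing.
# Live use: iptables-save > /tmp/rules; check_gateway /tmp/rules eth1 eth0
check_gateway() {
    cg_dump=$1 cg_lan=$2 cg_wan=$3
    cg_fwd=${4:-/proc/sys/net/ipv4/ip_forward}
    cg_missing=0

    # Kernel routing switch must be 1.
    [ "$(cat "$cg_fwd" 2>/dev/null)" = 1 ] || {
        echo "MISSING: ip_forward is not 1"; cg_missing=1; }

    # Outbound: FORWARD must accept LAN -> WAN.
    grep -Eq -e "^-A FORWARD .*-i $cg_lan .*-o $cg_wan .*-j ACCEPT" "$cg_dump" || {
        echo "MISSING: FORWARD accept $cg_lan -> $cg_wan"; cg_missing=1; }

    # Replies: unless the FORWARD policy is ACCEPT, return traffic needs
    # a state/conntrack rule, otherwise answers never reach the LAN.
    if ! grep -q -e '^:FORWARD ACCEPT' "$cg_dump"; then
        grep -Eq -e '^-A FORWARD .*--(ct)?state [A-Z,]*ESTABLISHED.*-j ACCEPT' "$cg_dump" || {
            echo "MISSING: FORWARD accept for ESTABLISHED replies"; cg_missing=1; }
    fi

    # Address translation on the way out.
    grep -Eq -e "^-A POSTROUTING .*-o $cg_wan .*-j (SNAT|MASQUERADE)" "$cg_dump" || {
        echo "MISSING: SNAT/MASQUERADE on $cg_wan"; cg_missing=1; }

    return "$cg_missing"
}

# Constructed sample dump: DROP policy, outbound accept and MASQUERADE,
# but no rule for reply traffic.
sample_dump() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -s 192.168.1.0/24 -i eth1 -o eth0 -j ACCEPT
COMMIT
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 192.168.1.0/24 -o eth0 -j MASQUERADE
COMMIT
EOF
}

# Run the check when called with arguments; do nothing when sourced.
[ $# -lt 3 ] || check_gateway "$@"
```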


