On Sunday 28 March 2004 20:52, Cody Harris wrote:
> This is my firewall setup:
> Chain FORWARD (policy ACCEPT)
> target     prot opt source      destination
> ACCEPT     all  --  anywhere    anywhere
> ACCEPT     icmp --  anywhere    anywhere       icmp echo-reply
> ACCEPT     icmp --  anywhere    anywhere       icmp destination-unreachable
> ACCEPT     icmp --  anywhere    anywhere       icmp redirect
> ACCEPT     icmp --  anywhere    anywhere       icmp echo-request
> ACCEPT     icmp --  anywhere    anywhere       icmp time-exceeded
> ACCEPT     tcp  --  anywhere    192.168.0.2    tcp dpt:ssh
> We have noticed that ssh isn't getting forwarded. What's wrong?

What about the replies from SSH which will come from source port 22? Either add a rule to explicitly allow from sport ssh or add an ESTABLISHED/RELATED rule in there.

David
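
An added example, not part of the original message: a simplified Python model (not iptables itself) of the two options named in the reply, showing how each treats the SSH server's return traffic. It assumes a FORWARD chain with a default DROP policy and no catch-all ACCEPT rule; the client address and port 40000 are constructed.

```python
# Simplified first-match packet filter; a model for illustration, not iptables.
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

@dataclass(frozen=True)
class Rule:
    src: str = None            # None means "anywhere" / any port
    dst: str = None
    sport: int = None
    dport: int = None
    established: bool = False  # models "-m state --state ESTABLISHED,RELATED"

SSH_HOST = "192.168.0.2"       # destination taken from the quoted listing
CLIENT = "203.0.113.10"        # constructed client address (assumption)
FIELDS = ("src", "dst", "sport", "dport")

def forward(packets, rules, policy="DROP"):
    """Return one verdict per packet; accepted flows are remembered."""
    seen, verdicts = set(), []
    for p in packets:
        # Direction-independent flow key, as a connection tracker would keep.
        flow = frozenset([(p.src, p.sport), (p.dst, p.dport)])
        verdict = policy       # assumed default policy
        for r in rules:
            if r.established:
                hit = flow in seen
            else:
                hit = all(getattr(r, f) in (None, getattr(p, f)) for f in FIELDS)
            if hit:
                verdict = "ACCEPT"
                break
        if verdict == "ACCEPT":
            seen.add(flow)
        verdicts.append(verdict)
    return verdicts

SYN = Packet(CLIENT, 40000, SSH_HOST, 22)      # client -> server, dpt:ssh
REPLY = Packet(SSH_HOST, 22, CLIENT, 40000)    # server -> client, spt:ssh
DPT_ONLY = [Rule(dst=SSH_HOST, dport=22)]                # only the dpt:ssh rule
WITH_SPORT = DPT_ONLY + [Rule(src=SSH_HOST, sport=22)]   # option 1: allow sport ssh
WITH_STATE = [Rule(established=True)] + DPT_ONLY         # option 2: ESTABLISHED rule
```

In this model both options let the reply through, but the stateless sport rule also accepts a packet from source port 22 that belongs to no tracked connection, while the state rule does not.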