On Saturday 26 June 2004 8:41 am, yunus wrote:
> Dear netfilter gurus,
>
> I am new to iptables. The computer on which I want to use iptables is a
> Redhat linux 7.3 with satellite pentanet card. I want to filter the
> traffice forwarded to our LAN. When I use:
>
> iptables -P Forward DROP
> iptables -A INPUT -m state --state RELATED, ESTABLISHED -j ACCEPT
> iptables -A Forward -m state --state RELATED, ESTABLISHED -j ACCEPT
>
> It still does not allow me to browse from the LAN. Outgoing is through
> router serial port.
Well, if that's your complete ruleset, the main problem is that you are
allowing established connections, but you have no way to establish them (ie:
you are not allowing any NEW packets through).
If that's not your complete ruleset, then please post it so we can see what
your firewall is being told to do.
Regards,
Antony.
--
All matter in the Universe can be placed into one of two categories:
1. Things which need to be fixed.
2. Things which need to be fixed once you've had a few minutes to play with
them.
Please reply to the list;
please don't CC me.
