(sorry if the formatting is screwed up, I have only lynx at the moment)

> > echo 0 > /proc/sys/net/ipv4/ip_forward
> > $ipt -P FORWARD DROP
> > $ipt -F FORWARD
> > $ipt -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
> > $ipt -A FORWARD -m state --state NEW -i eth1 -o eth0 \
> > -s 192.168.11.0/24 -j ACCEPT
> > $ipt -t nat -F POSTROUTING
> > $ipt -t nat -A POSTROUTING -o eth0 -j SNAT --to 192.168.10.101
> > echo 1 > /proc/sys/net/ipv4/ip_forward

This set of rules didn't work either, and in fact I don't understand why one of the machines should be named 192.168.11.x. Is everything being 192.168.10.x not okay?

Anyway, what I have tried is:

# make sure we start from zero
iptables --flush
iptables -t nat --flush
iptables --delete-chain
iptables -t nat --delete-chain

# set up masquerading from LAN to modem which is hooked up on eth0
iptables -t nat -A POSTROUTING --out-interface eth0 -j MASQUERADE

# allow forwarding from LAN which is hooked up on eth1
iptables -A FORWARD --in-interface eth1 -j ACCEPT

# enable ip forwarding
echo 1 > /proc/sys/net/ipv4/ip_forwarding

Just to recap, my configuration is this:

machine A - eth0 ------------------ modem ------------ internet
    |
   eth1
    |
    |
    |
   hub
    |
    |
machine B

And I would like to access the internet from machine B; however, the above rules don't work even without specifying the sources and allowing everything.

Any ideas?