Daniel Nogradi wrote:
> Anyway, what I have tried is:
>
> # make sure we start from zero
>
> iptables --flush
> iptables -t nat --flush
> iptables --delete-chain
> iptables -t nat --delete-chain
>
> # set up masquerading from LAN to modem which is hooked up on eth0
>
> iptables -t nat -A POSTROUTING --out-interface eth0 -j MASQUERADE
>
> # allow forwarding from LAN which is hooked up on eth1
>
> iptables -A FORWARD --in-interface eth1 -j ACCEPT

I think that when you have a rule like this, you need the converse, i.e.,

iptables -A FORWARD --in-interface eth0 -j ACCEPT

If you want restrictions such that connections are initiated from B only, you could restrict the inbound forward.

iptables -A FORWARD --in-interface eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT

> # enable ip forwarding
>
> echo 1 > /proc/sys/net/ipv4/ip_forwarding
>
> Just to recap, my configuration is this:
>
> machine A - eth0 ------------------ modem ------------ internet
>     |
>    eth1
>     |
>     |
>     |
>    hub
>     |
>     |
> machine B
>
> And I would like to access the internet from machine B, however the
> above rules don't work even without specifying the sources and
> allowing everything.
>
> Any ideas?
>
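A check for the points raised in this thread, as an added example that is not part of the original messages: it reads `iptables-save` output and reports which pieces of a NAT gateway are missing, and whether the modem-side FORWARD accept is stateful or unconditional. The function names, the sample rulesets and the DROP policy in them are constructed assumptions; the forwarding switch is taken to be `/proc/sys/net/ipv4/ip_forward`.

```shell
# Added example (not from the thread): audit iptables-save output for the pieces
# a NAT gateway needs. eth0 = modem side, eth1 = LAN side, as in the thread.
# Live use (root): iptables-save | audit_gateway eth0 eth1 "$(cat /proc/sys/net/ipv4/ip_forward)"

# Constructed sample: the question's rules as iptables-save would print them.
# The FORWARD policy of DROP is an assumption; the thread does not state it.
SAMPLE_HEAD='*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -i eth1 -j ACCEPT'
SAMPLE_QUESTION="$SAMPLE_HEAD
COMMIT"
# Constructed sample: the same rules plus the stateful return rule from the reply.
SAMPLE_REPLY="$SAMPLE_HEAD
-A FORWARD -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT"

# has REGEX: true if any line of $rules matches.
has() { printf '%s\n' "$rules" | grep -Eq -- "$1"; }

# audit_gateway WAN LAN IP_FORWARD < ruleset
# Prints the missing pieces (empty if none); exit status 0 only if complete.
audit_gateway() {
    wan=$1 lan=$2 fwd=$3 missing=""
    rules=$(cat)
    has "^-A POSTROUTING .*-o $wan .*-j MASQUERADE" || missing="$missing masquerade"
    if ! has '^:FORWARD ACCEPT'; then   # with policy ACCEPT no FORWARD rule is needed
        has "^-A FORWARD .*-i $lan .*-j ACCEPT" || missing="$missing lan-out"
        has "^-A FORWARD .*-i $wan .*-j ACCEPT" || missing="$missing wan-return"
    fi
    [ "$fwd" = 1 ] || missing="$missing ip_forward"
    printf '%s\n' "${missing# }"
    [ -z "$missing" ]
}

# wan_return_mode WAN < ruleset: prints none, open or stateful. "stateful" means
# every WAN-side accept is limited to ESTABLISHED and/or RELATED connections.
wan_return_mode() {
    accepts=$(grep -E -- "^-A FORWARD .*-i $1 .*-j ACCEPT" || true)
    if [ -z "$accepts" ]; then echo none
    elif printf '%s\n' "$accepts" | grep -Evq -- '--(ct)?state (ESTABLISHED|RELATED)(,(ESTABLISHED|RELATED))? '; then echo open
    else echo stateful; fi
}

printf '%s\n' "$SAMPLE_QUESTION" | audit_gateway eth0 eth1 0 || true
printf '%s\n' "$SAMPLE_REPLY" | wan_return_mode eth0
```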