Re: updated iptables doesn't work with old rules


> sufficient to use the MASQUERADE rule, no FORWARD rule needed. If MASQUERADE
> isn't working, you can also try the SNAT rule.
>
> To see how your packets are going through iptables, you can turn on some
> logging:
>
> iptables -A PREROUTING -t nat --in-interface eth1 -j LOG --log-prefix "nat: "
> iptables -A FORWARD --in-interface eth1 -j LOG --log-prefix "out-fwd: "
>
> and so on.
>
> These logs are kernel messages, so if kernel logs aren't enabled, you can
> edit the /etc/syslog.conf file and restart syslogd. For example:
>
> kern.*                /var/log/messages
>
>
> Just a thought, how is your machine B resolving DNS? I'm assuming that
> machine A gets its networking values including DNS from the modem. Is it
> communicating this to machine B? Maybe it's a DNS issue. For example, are
> you testing by pinging "google.com" or directly via an IP address?
>


Hi Chinh, on machine B DNS resolution doesn't work at all because the
name servers are on the internet, which it cannot access. So I'm not
pinging google.com but the IP addresses.

I've turned on logging, and when I try to ssh, ping, etc. from B to A
I get these messages both on B and in the logs of A:

kernel: nat: IN=eth1 OUT= MAC=(mac address of eth1) SRC=(IP of machine B) DEST=213.191.74.18 LEN=54 TOS=0x00 PREC=0x00 TTL=64 ............
kernel: out: IN=eth1 OUT=ppp0 SRC=(IP of machine B) DEST=213.191.74.18 ...........

What is this supposed to mean? :)
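The two log lines quoted above are easier to read once the IN/OUT fields are decoded: a line with IN set and OUT empty was logged before routing (the nat PREROUTING rule), a line with both IN and OUT set was logged in FORWARD on its way from eth1 to ppp0. Neither stage can show whether MASQUERADE worked, because the source address is only rewritten in POSTROUTING, after both of these LOG rules have fired. The following script is an added example, not code from the thread or from the netfilter project: it parses netfilter LOG lines, names the stage each was logged at, and reports whether a packet leaving the WAN interface still carries an RFC 1918 source. The sample lines are constructed (the private 192.168.1.10 host and the 203.0.113.5 WAN address are placeholders); the third, post-routing line is an assumption that the thread does not show, included so the check has something to judge. The parser also accepts the `DEST=` spelling that appears in the quoted lines alongside the usual `DST=`.

```python
import ipaddress
import re
from dataclasses import dataclass

# Constructed sample log, modelled on the lines quoted in the thread.
# Addresses are placeholders. The third line (prefix "post") is an assumed
# post-routing log that the thread itself does not contain.
SAMPLE_LOG = """\
kernel: nat: IN=eth1 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=192.168.1.10 DST=213.191.74.18 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=1 DF PROTO=ICMP TYPE=8 CODE=0
kernel: out-fwd: IN=eth1 OUT=ppp0 SRC=192.168.1.10 DEST=213.191.74.18 LEN=84 TOS=0x00 PREC=0x00 TTL=63 ID=1 DF PROTO=ICMP TYPE=8 CODE=0
kernel: post: IN= OUT=ppp0 SRC=203.0.113.5 DST=213.191.74.18 LEN=84 TOS=0x00 PREC=0x00 TTL=63 ID=1 DF PROTO=ICMP TYPE=8 CODE=0
"""

# "kernel: <log-prefix> IN=... OUT=... SRC=... DST=..."; the prefix is the
# string given to --log-prefix and may be empty.
_LINE_RE = re.compile(r"kernel:\s*(?P<prefix>.*?)\s*(?P<fields>IN=.*)$")
_FIELD_RE = re.compile(r"(\w+)=(\S*)")  # KEY=VALUE tokens; bare flags like DF are skipped

_RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


@dataclass
class LogEntry:
    prefix: str   # the --log-prefix text with the trailing ':' removed
    fields: dict  # IN, OUT, SRC, DST, PROTO, ...

    @property
    def stage(self) -> str:
        """Infer where the packet was logged from which interfaces are filled in."""
        has_in = bool(self.fields.get("IN"))
        has_out = bool(self.fields.get("OUT"))
        if has_in and not has_out:
            return "pre-routing"   # PREROUTING/INPUT: arrived, routing decision not yet made
        if has_in and has_out:
            return "forward"       # FORWARD: routed from IN towards OUT, source not yet NATed
        if has_out:
            return "post-routing"  # OUTPUT/POSTROUTING: leaving the box
        return "unknown"


def parse_log(text: str) -> list:
    """Parse every netfilter LOG line in text into LogEntry objects."""
    entries = []
    for line in text.splitlines():
        m = _LINE_RE.search(line)
        if not m:
            continue
        fields = dict(_FIELD_RE.findall(m.group("fields")))
        if "DEST" in fields and "DST" not in fields:  # tolerate the spelling used in the thread
            fields["DST"] = fields.pop("DEST")
        entries.append(LogEntry(m.group("prefix").rstrip(": "), fields))
    return entries


def describe(entry: LogEntry) -> str:
    f = entry.fields
    return (f"[{entry.prefix}] {entry.stage}: {f.get('PROTO', '?')} "
            f"{f.get('SRC')} -> {f.get('DST')} "
            f"in={f.get('IN') or '-'} out={f.get('OUT') or '-'}")


def is_rfc1918(addr: str) -> bool:
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False
    return any(ip in net for net in _RFC1918)


def check_masquerade(entries: list, wan_if: str) -> dict:
    """Judge from the log whether source NAT is applied on wan_if.

    Pre-routing and forward lines always show the LAN host as SRC, so they
    prove nothing about NAT. Only a post-routing line on wan_if can.
    """
    forwarded = [e for e in entries if e.stage == "forward" and e.fields.get("OUT") == wan_if]
    leaving = [e for e in entries if e.stage == "post-routing" and e.fields.get("OUT") == wan_if]
    unnatted = [e for e in leaving if is_rfc1918(e.fields.get("SRC", ""))]
    if not leaving:
        verdict = f"no post-routing log on {wan_if}: these lines cannot show whether NAT applied"
    elif unnatted:
        verdict = f"private source address leaving {wan_if}: MASQUERADE/SNAT not applied"
    else:
        verdict = f"source rewritten before leaving {wan_if}: NAT is working"
    return {"forwarded": len(forwarded), "leaving": len(leaving),
            "unnatted": [describe(e) for e in unnatted], "verdict": verdict}


if __name__ == "__main__":
    parsed = parse_log(SAMPLE_LOG)
    for e in parsed:
        print(describe(e))
    print(check_masquerade(parsed, "ppp0")["verdict"])
```

Run against only the two kinds of line the thread quotes (prefixes `nat` and `out-fwd`), the verdict is that nothing can be concluded about NAT yet: the forwarding path itself is working, since the packet was routed from eth1 to ppp0. What the post-NAT source actually is can be seen with a packet capture on ppp0, which observes the packet after POSTROUTING.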


