RE: updated iptables doesn't work with old rules

> Hi Chinh and Rob,
> 
> Let me first thank you both very much for your help and explanation,

You're welcome.

> now everything works, routing was the problem as well as me not
> understanding the iptables rules properly so was always setting
> something not correct. 

I don't know if you found it already, but I find Oscar's iptables
tutorial a good read :
http://iptables-tutorial.frozentux.net/iptables-tutorial.html

>> Additionally, resources on the net regarding PPP connections
>> (usually bound to eth0) have a similar ppp0 configuration as yours.
>> But the associated interface (usually eth0) for a ppp0 connection is
>> usually down and not configured. 
>> 
>> DEVICE=eth0
>> ONBOOT=no
> 
> Thanks for this as well, I changed it to ONBOOT=no.

Are you by any chance using an Alcatel/Thomson ADSL modem (don't know if
this is going to work on other modem brands)? In that case you may be
able to get rid of ppp0 by using SIP spoofing (which has nothing to do
with VOIP) and have the internet IP address directly on your NIC.
I find it easier to use, but the only modems/routers I know of that can do
this are manufactured by Alcatel/Thomson.

> At the moment my rules are:
> 
> echo 0 > /proc/sys/net/ipv4/ip_forward
> iptables --flush
> iptables -t nat --flush
> iptables --delete-chain
> iptables -t nat --delete-chain
> iptables -P FORWARD DROP
> iptables -F FORWARD
> iptables -A FORWARD -i eth0 -o ppp0 -j ACCEPT
> iptables -A FORWARD -o eth0 -i ppp0 -j ACCEPT

This is effectively the same as having no rules in the FORWARD chain
when its policy is ACCEPT. (Okay, not completely, because you didn't
specify the eth1 device.)

For a start, make that :
iptables -A FORWARD -m state --state NEW -i eth0 -o ppp0 -j ACCEPT
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT

> iptables -t nat -F POSTROUTING
> iptables -t nat -A POSTROUTING -j MASQUERADE
> echo 1 > /proc/sys/net/ipv4/ip_forward


Gr,
Rob


