I made it. I applied rules as I stated on firewall box, and added addresses to win machines, but before I forgot to add default gw for machine on subnet 10.1.1.0 Adding 10.1.1.1 as default gateway for host 10.1.1.2 made it possible to ping from 192.168.1.2 to 10.1.1.2 and vice versa. Thank you very much for your help. Best wishes and regards On 4/21/07, Marc Haber <mh+netfilter@xxxxxxxxxxxx> wrote:
On Sat, Apr 21, 2007 at 07:18:47PM +0200, crux crux wrote: > No, it is my fault, I forgot to add " reply to all " sorry people . > > I mistyped eth1 ( there sholud be eth2 ) in first post. > > iptables -A FORWARD -i eth0 -o eth2 -j ACCEPT > iptables -A FORWARD -i eth2 -o eth0 -j ACCEPT > > echo 1 > /proc/sys/net/ipv4/ip_forward > > does not ( I still do not know why ) forward packets from eth2 to > eth1 and vica versa. > > And yes, I have implemented only above two rules Please show the output of iptables -nvL. Please give the output of ipconfig /all on the windows boxes. Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190
