Hi,
Sandy Sumitro írta:
iptables -F INPUT
iptables -F OUTPUT
iptables -F FORWARD
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -t nat -F
iptables -t nat -A PREROUTING -i ppp0 -j DNAT --to-destination 192.168.1.252
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.1.252 -o ppp0 -j MASQUERADE
Seems good... Except the last rule is not going to get hit by any
packet... :D
PS: i have set /proc/sys/net/ipv4/ip_forward to 1
(echo 1 > /proc/sys/net/ipv4/ip_forward)
Good... :D
1. Check the default gateway setting on the DMZ (1.252)
2. Check the routing on gateway (1.251)
3. Setup a firewall on DMZ too !!!
Swifty
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html