Carlos Mtz-Troncoso a écrit : > Thanks Pascal for your answer. > > I had that rule but I deleted, I just add again > > iptables -A FORWARD -p tcp -i eth0 -d 10.1.1.7 --dport 80 -j ACCEPT > > but it doesn't work. Maybe because of the rule ordering ? Your script weirdly mixes -I and -A commands, and has a "-I FORWARD -j DROP" rule which inserts a plain "DROP everything" at the very beginning of the chain. As a result, any rule created before or appended after this one has no effect. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
