Hello All,

I am using Squid proxy and iptables. I am having some problems configuring the firewall. The problem is the SNAT rule: if I put the rule in the script, I am able to connect to the VPN server in the outside world but cannot block Yahoo messengers with Squid. Without the SNAT rule I can block messenger through Squid. I have checked the VPN connection properties; there is a check box "IPsec through NAT mode". If I uncheck it I won't be able to connect.

SNAT rule:

$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j SNAT --to $EXTIP

Could anyone help to solve my problem? I have also tried these rules to connect to the VPN, but they won't work:

# IKE negotiations
$IPTABLES -A INPUT -p udp --sport 500 --dport 500 -j ACCEPT
$IPTABLES -A OUTPUT -p udp --sport 500 --dport 500 -j ACCEPT
$IPTABLES -A FORWARD -p udp --sport 500 --dport 500 -j ACCEPT

# ESP encryption and authentication
$IPTABLES -A INPUT -p 50 -j ACCEPT
$IPTABLES -A OUTPUT -p 50 -j ACCEPT
$IPTABLES -A FORWARD -p 50 -j ACCEPT

# uncomment for AH authentication header
#$IPTABLES -A INPUT -p 51 -j ACCEPT
#$IPTABLES -A OUTPUT -p 51 -j ACCEPT

Thanks in advance,
Nilesh

--
redhat-list mailing list
https://www.redhat.com/mailman/listinfo/redhat-list