ip_forward contains 1 at boot time.
If on the "server" I don't use any DROP rules, but still use
iptables -t nat -A POSTROUTING -s 192.168.2.0/24 -o eth0 -j MASQUERADE
(eth0 is my public NIC, eth1 is private 192.168.2.0/24), then the problems STILL occur.
It might be worthwhile noting that I am behind a hardware firewall/router that has port 5000 open.
Still, with the firewall rule above on the server, I still cannot access the LAN.

Hi,
Routing is done by the kernel, so it is only required to enable it. Assuming that your kernel has been compiled with routing capability, your /proc/sys/net/ipv4/ip_forward containing 1 does that.
But I assume that routing is working, otherwise your LAN would not have access to the Internet.
You could check whether your "ping" is going out the external interface by
tcpdump -i eth1
If you have an ADSL connection, the outgoing packets are ppp, so it is better to use
tcpdump -i ppp0
My guess is that your problem is at the firewall. I suggest you add logging to your firewall rules, where packets might be dropped.
Also, it is a good idea to add catchall logging rules before packets fall into the default policy DROP.
Good luck!
Julio
////////////////////////////////////
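
The catchall logging suggested in the reply above, as an added example that is not part of the original thread: a rate-limited LOG rule appended to the end of each filter chain, plus a summary of the resulting kernel log lines showing which chain and interface pair is dropping traffic. The log prefixes, the rate limit, the DRY_RUN switch and the sample log lines are assumptions of this example.

```shell
# Added example, not code from the thread; prefixes, limits, DRY_RUN assumed.

# Run iptables, or only print the command when DRY_RUN=1 (the default).
fw() {
    if [ "${DRY_RUN:-1}" = "1" ]; then echo "iptables $*"; else iptables "$@"; fi
}

# Append a rate-limited LOG rule to the end of each filter chain, so a packet
# that matched no earlier rule is logged just before the DROP policy applies.
add_catchall_logging() {
    for chain in INPUT FORWARD OUTPUT; do
        fw -A "$chain" -m limit --limit 10/min --limit-burst 20 \
           -j LOG --log-prefix "FW-$chain-DROP: " --log-level 4
    done
}

# Summarise LOG lines on stdin as: count chain in-if out-if src dst proto
summarise_drops() {
    awk '
    /FW-[A-Z]+-DROP: / {
        chain = in_if = out_if = src = dst = proto = "-"
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^FW-[A-Z]+-DROP:$/) {
                chain = $i; sub(/^FW-/, "", chain); sub(/-DROP:$/, "", chain)
            } else if ($i ~ /^IN=./)   in_if  = substr($i, 4)
            else if ($i ~ /^OUT=./)    out_if = substr($i, 5)
            else if ($i ~ /^SRC=/)     src    = substr($i, 5)
            else if ($i ~ /^DST=/)     dst    = substr($i, 5)
            else if ($i ~ /^PROTO=/)   proto  = substr($i, 7)
        }
        n[chain " " in_if " " out_if " " src " " dst " " proto]++
    }
    END { for (k in n) print n[k], k }' | sort -rn
}

# Constructed log lines shaped like LOG-target output (fields abbreviated).
sample_log() {
    cat <<'EOF'
Jan  1 12:00:01 gw kernel: FW-FORWARD-DROP: IN=eth0 OUT=eth1 SRC=198.51.100.7 DST=192.168.2.10 LEN=84 TTL=63 PROTO=ICMP TYPE=8 CODE=0
Jan  1 12:00:02 gw kernel: FW-FORWARD-DROP: IN=eth0 OUT=eth1 SRC=198.51.100.7 DST=192.168.2.10 LEN=84 TTL=63 PROTO=ICMP TYPE=8 CODE=0
Jan  1 12:00:05 gw kernel: FW-INPUT-DROP: IN=eth0 OUT= SRC=198.51.100.7 DST=192.168.2.1 LEN=60 TTL=64 PROTO=UDP SPT=40000 DPT=5000
EOF
}

add_catchall_logging            # dry run: prints the three LOG rules
sample_log | summarise_drops    # most frequent drop first
```

The LOG rules must be appended after all ACCEPT rules so they only see packets about to hit the policy; run with DRY_RUN=0 as root to apply them.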