15 Nov
2001
15 Nov
'01
10:13
iptables -P OUTPUT ACCEPT iptables -P INPUT ACCEPT iptables -P FORWARD ACCEPT iptables -t nat -P POSTROUTING DROP
Don't set pre- or postrouting policies to drop. Use the forward chain to drop anything but the desired traffic. Anything that traverses the pre- or postrouting chains also travels through the forward chain. And you're missing forward rules to allow the desired traffic (plus the rest you need for basic connectivity, such as some ICMP, etc..) HTH Tobias