Did you do to configure the ip forward on router linksys ??? -----Mensaje original----- De: Anders Johansson [mailto:andjoh@cicada.linux-site.net] Enviado el: Sábado, 17 de Agosto de 2002 06:10 a.m. Para: suse-security@suse.com Asunto: Re: [suse-security] problem with NAT / ip forwarding On Saturday 17 August 2002 13.59, Roger Hayter wrote:
What I can't understand is why the SuSE server can do it. I also would be very interested in an answer from an expert on
this.
I'm not exactly an expert, but here goes SuSEfirewall2 has a rule SuSE-FW-NO_ACCESS_INT->FWEXT, controlled by the following in /sbin/SuSEfirewall2 ############################################################### # Anti Spoofing/Cirumvention protection - interface dependent # ############################################################### for DEV in $FW_DEV_INT; do for IP in $DEV_EXT; do $IPTABLES -A INPUT -j LOG ${LOG}"-NO_ACCESS_INT->FWEXT " -i $DEV -d $IP $IPTABLES -A INPUT -i $DEV -d $IP -j "$DROP" done done As far as I can see it's not controlled by any variable in /etc/sysconfig. If you want to bypass it you'd either have to comment out the above, or -I INPUT a rule that accepted the packets. regards Anders -- 'Deserves [death]. I daresay he does. Many that live deserve death. And some that die deserve life. Can you give it to them? Then do not be too eager to deal out death in judgement. For even the very wise cannot see all ends.' --Tolkien, The Lord of the Rings -- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here