-----Original Message----- From: Austin Morgan [mailto:admorgan@usa.net] Sent: Friday, April 28, 2000 09:44 My ipchains -L looks like this: Chain input (policy ACCEPT): Chain forward (policy ACCEPT): target prot opt source destination ports MASQ all ______ anywhere anywhere n/a Chain output (policy ACCEPT):
eth0=internet eth1=lan
command for the chain ipchains -Aforward -ieth1 -jMASQ [snip]
As someone else mentioned, for the FORWARD rules the interface option refers to the outgoing interface. So if you want to masquerade your lan to the Internet, use: ipchains -A FORWARD -i eth0 -j MASQ The command you posted masq's packets from the Internet, not to the Internet. You also might get more milage out of something like: ipchains -A FORWARD -i eth0 -s [internal lan and mask] -d 0.0.0.0/0 -j MASQ just for completeness sake. -Andrew andrew@netdelivery.com -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/