-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 try /path-to/ipchains -P FORWARD -j DENY exactly what error message do you get? On Tue, 27 Aug 2002, Alberto García Fumero wrote:

Hi all. I have set an intranet using private directions (192.168.0..x), so only the server (192.168.0.1) has direct access to Internet and all the other machines must access Internet through that gateway. As for now, the only thing I have installed is Squid, up and running smoothly with the desired restrictions. I use SuSE 7.0 for the server. The fact is, I want to guarantee all the other Internet services to the users, but I do not know how to achieve this. Which of the FW_ variables I have to set, and how? I have tried using IPChains (remember this is SuSE 7.0) in this manner,using a script:

/sbin/modprobe ip_masq_user /sbin/modprobe ip_masq_raudio /sbin/modprobe ip_masq_ftp /sbin/modprobe ip_masq_irc echo "1" > /proc/sys/net/ipv4/ip_forward ||exit 1 /sbin/ipchains -P foward DENY || exit 1 /sbin/ipchains -A forward -s192.168.0.0/255.255.255.0 -j MASQ || exit 1

with no success.

What am I missing? TIA

-- MSc. Alberto García Fumero Centro de Información para la Educación Ministerio de Educación Usuario Linux No. 97 138 ¿Windows? No, gracias!

-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: För information se http://www.gnupg.org/ iD8DBQE9bFkeaeebkU3K8LMRAqS/AKDYyuUAvep01/gzyKTE3lKYJnAlUQCg4ibS 3titadi0+uvtGj5lU0egcSE= =y5Ff -----END PGP SIGNATURE-----