From: Florian Philipp
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Need help with routing
Date: Tue, 11 Sep 2007 18:22:30 +0200
Message-ID: <46E6C0C6.1080109@addcom.de>
In-Reply-To: <20070911110613.47e385a7@pascal.spore.ath.cx>

Dan Farrell wrote:
> On Mon, 10 Sep 2007 22:48:20 +0200
> Hans-Werner Hilse wrote:
>
>> is on what computer? On the "server" (I guess it's the router) the
>> last line would effectively prevent routing for the client (but I
>> don't know why ICMP works...). I would suggest starting without it
>> and then setting up proper rules -- and then setting the chain's
>> policy to DROP (plus some REJECT rules for proper answers).
>
> I agree, I thought your firewall rules were a little wacky too. These
> rules only route to one host. Generally you'd want to route to a whole
> network, not just one host.
>
>> (but I don't know why ICMP works...).
>

Well, as I've written, they aren't "my" rules. I just copied and pasted
them. I know just as much about iptables as I know about cars. I know
the theory, I've seen the building process from like 10 meters distance
and I use the finished product.

I'd really appreciate it if you could post the correct settings or config
file(s).
-- 
gentoo-user@gentoo.org mailing list
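
The approach suggested in the quoted replies above (FORWARD policy DROP, an accept rule for the whole client network rather than one host, REJECT rules for proper answers), as an added example that is not part of the original message or thread. The function name `forward_ruleset`, the interface names and the network used in the usage comment are assumptions, not values from the thread.

```shell
#!/bin/sh
# Added example: prints a filter-table ruleset in iptables-restore format.
# Usage (assumed values): ./forward.sh eth1 eth0 192.168.0.0/24 | iptables-restore --test
# Loading it without --test replaces the whole filter table; INPUT and OUTPUT
# are left at ACCEPT here because the thread is only about forwarding.

forward_ruleset() {
    lan_if=$1 wan_if=$2 lan_net=$3

    # Interface names may contain only letters, digits, '.', '_' and '-',
    # so nothing else can be smuggled into a rule line.
    for ifname in "$lan_if" "$wan_if"; do
        case $ifname in
            ''|*[!A-Za-z0-9._-]*)
                echo "bad interface name: $ifname" >&2
                return 1 ;;
        esac
    done

    # Shape check only: a.b.c.d/len with len 1..30, i.e. a network and not
    # a single host (/32), which is the mistake pointed out in the thread.
    if ! printf '%s\n' "$lan_net" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([1-9]|[12][0-9]|30)$'; then
        echo "bad network (want a.b.c.d/1..30): $lan_net" >&2
        return 1
    fi

    cat <<EOF
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $lan_if -o $wan_if -s $lan_net -j ACCEPT
-A FORWARD -p tcp -j REJECT --reject-with tcp-reset
-A FORWARD -j REJECT --reject-with icmp-port-unreachable
COMMIT
EOF
}

# Print the ruleset only when called with all three arguments.
if [ "$#" -eq 3 ]; then
    forward_ruleset "$@"
fi
```

The two REJECT rules sit last, so anything not explicitly accepted gets an immediate answer, and the DROP policy only catches packets if those rules are ever removed.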