From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.62) (envelope-from ) id 1HnFMA-00002D-Ju for garchives@archives.gentoo.org; Sun, 13 May 2007 14:47:31 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.14.0/8.14.0) with SMTP id l4DEkDJc024335; Sun, 13 May 2007 14:46:13 GMT Received: from an-out-0708.google.com (an-out-0708.google.com [209.85.132.251]) by robin.gentoo.org (8.14.0/8.14.0) with ESMTP id l4DEfvn3019670 for ; Sun, 13 May 2007 14:41:58 GMT Received: by an-out-0708.google.com with SMTP id b33so405859ana for ; Sun, 13 May 2007 07:41:57 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=ihFvfOtXKEk3vxnDcJOjBnnAmaf5MmGqu+gSH6+ufUUcS+pWcFnc9QTHKxi3efdSQM7uPRmBZMA/xQlOrxd9fr6tOeogNufDV58V+UoRwurcLOup9HvPyIIExhJ0ZYFfHZ46BB2JLOznUQSnb8S6McrcCMxDh9bZ0LZ5qglq22U= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=lgQwmfwoMkybg294JkGUPRa7ZQDssODiWUFI35DsE7pQPeED6V7K8Mqk+mu6UBbBvM4gufFczYWbFnQFVtLzmC6D/2W/aLtMDZqhJacpNt8F0XQeWfBhTcXf9x1Iy/nZ8kCixW55jauLxOhEaHOUIrv6dYwyMhidMF0uetm266Y= Received: by 10.100.120.5 with SMTP id s5mr3744346anc.1179067316748; Sun, 13 May 2007 07:41:56 -0700 (PDT) Received: by 10.100.174.17 with HTTP; Sun, 13 May 2007 07:41:56 -0700 (PDT) Message-ID: <7797aa370705130741m381555b2qf64fc3a96c271769@mail.gmail.com> Date: Sun, 13 May 2007 22:41:56 +0800 From: "Chuanwen Wu" To: gentoo-user Subject: [gentoo-user] iptables configuration problem Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Archives-Salt: 0dee008c-5e0f-4c40-8381-ad2e345dfb19 X-Archives-Hash: 44fd3561cfe6e1c3a9309579476ae9bf Hi,guys! I use iptables to let the PCs in the subnet to connect the internet outside. And i write a simple script,but it doesn't work: #!/bin/sh iptables -F #Define packets from Internet server to Intranet iptables -A FORWARD -d 198.168.1.0/24 -i eth0 -j ACCEPT #Define packets from Intranet to Internet iptables -A FORWARD -s 198.168.1.0/24 -i eth1 -j ACCEPT Here is the result of iptables -L: # iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy DROP) target prot opt source destination ACCEPT all -- anywhere 198.168.1.0/24 ACCEPT all -- 198.168.1.0/24 anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination The eth0 here has the real ip,and the eth1 have a subnet ip:192.168.1.21. How to fix this problem?All I need now is just to let my office machine to use the internet! Thanks in advanced!! -- wcw -- gentoo-user@gentoo.org mailing list