From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org)
	by nuthatch.gentoo.org with esmtp (Exim 4.62)
	(envelope-from <gentoo-user+bounces-63867-garchives=archives.gentoo.org@gentoo.org>)
	id 1HnFMA-00002D-Ju
	for garchives@archives.gentoo.org; Sun, 13 May 2007 14:47:31 +0000
Received: from robin.gentoo.org (localhost [127.0.0.1])
	by robin.gentoo.org (8.14.0/8.14.0) with SMTP id l4DEkDJc024335;
	Sun, 13 May 2007 14:46:13 GMT
Received: from an-out-0708.google.com (an-out-0708.google.com [209.85.132.251])
	by robin.gentoo.org (8.14.0/8.14.0) with ESMTP id l4DEfvn3019670
	for <gentoo-user@lists.gentoo.org>; Sun, 13 May 2007 14:41:58 GMT
Received: by an-out-0708.google.com with SMTP id b33so405859ana
        for <gentoo-user@lists.gentoo.org>; Sun, 13 May 2007 07:41:57 -0700 (PDT)
DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed;
        d=gmail.com; s=beta;
        h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition;
        b=ihFvfOtXKEk3vxnDcJOjBnnAmaf5MmGqu+gSH6+ufUUcS+pWcFnc9QTHKxi3efdSQM7uPRmBZMA/xQlOrxd9fr6tOeogNufDV58V+UoRwurcLOup9HvPyIIExhJ0ZYFfHZ46BB2JLOznUQSnb8S6McrcCMxDh9bZ0LZ5qglq22U=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=beta;
        h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition;
        b=lgQwmfwoMkybg294JkGUPRa7ZQDssODiWUFI35DsE7pQPeED6V7K8Mqk+mu6UBbBvM4gufFczYWbFnQFVtLzmC6D/2W/aLtMDZqhJacpNt8F0XQeWfBhTcXf9x1Iy/nZ8kCixW55jauLxOhEaHOUIrv6dYwyMhidMF0uetm266Y=
Received: by 10.100.120.5 with SMTP id s5mr3744346anc.1179067316748;
        Sun, 13 May 2007 07:41:56 -0700 (PDT)
Received: by 10.100.174.17 with HTTP; Sun, 13 May 2007 07:41:56 -0700 (PDT)
Message-ID: <7797aa370705130741m381555b2qf64fc3a96c271769@mail.gmail.com>
Date: Sun, 13 May 2007 22:41:56 +0800
From: "Chuanwen Wu" <wcw8410@gmail.com>
To: gentoo-user <gentoo-user@lists.gentoo.org>
Subject: [gentoo-user] iptables configuration problem
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
X-Archives-Salt: 0dee008c-5e0f-4c40-8381-ad2e345dfb19
X-Archives-Hash: 44fd3561cfe6e1c3a9309579476ae9bf

Hi,guys!
I use iptables to let the PCs in the subnet to connect the internet outside.

And i write a simple script,but it doesn't work:

#!/bin/sh
iptables -F
#Define packets from Internet server to Intranet
iptables -A FORWARD -d 198.168.1.0/24 -i eth0 -j ACCEPT
#Define packets from Intranet to Internet
iptables -A FORWARD -s 198.168.1.0/24 -i eth1 -j ACCEPT


Here is the result of iptables -L:

# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             198.168.1.0/24
ACCEPT     all  --  198.168.1.0/24       anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination


The eth0 here has the real ip,and the eth1 have a subnet ip:192.168.1.21.
How to fix this problem?All I need now is just to let my office
machine to use the internet!
Thanks in advanced!!
-- 
wcw
-- 
gentoo-user@gentoo.org mailing list