still can't do stuff

Wayne Topa wtopa@dmcom.net
Thu, 5 Jul 2001 16:49:09 -0400


	Subject: still can't do stuff
	Date: Thu, Jul 05, 2001 at 09:53:19PM +0200

In reply to: gabberatski

Quoting gabberatski (gabberatski@freegates.be):
> I can ping my internal network (192.168.x), but I can't ping, for example, my DNS servers (from my ISP).
> What is wrong?
> 
> #!/bin/sh
> LAN_IP_RANGE="192.168.0.0/24"
> LAN_IP="192.168.0.1/32"
> LAN_BCAST_ADRESS="192.168.0.255/32"
> LOCALHOST_IP="127.0.0.1/32"
> INET_IFACE="ppp0"
> LAN_IFACE="eth0"
> IPTABLES="/usr/local/sbin/iptables"
> echo "Initializing the firewall..."
> #Clear existing rules and chains
> $IPTABLES -F
> $IPTABLES -t nat -F
> $IPTABLES -X
> $IPTABLES -t nat -X
> 
> #Default DROP policy
> iptables -P INPUT DROP
> iptables -P OUTPUT DROP
> iptables -P FORWARD DROP
> #Masquerading

--<snip>-- rules

# Enable IP forwarding if it is currently off
if [ "$(cat /proc/sys/net/ipv4/ip_forward)" = "0" ]
then
    echo 1 > /proc/sys/net/ipv4/ip_forward
fi

That's all I can see that's missing.

:-) HTH, YMMV, HAND :-)

-- 
Goto, n.:
A programming tool that exists to allow structured programmers to complain 
about unstructured programmers         -- Ray Simard
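
The gap pointed out in the reply (forwarding/NAT rules with nothing switching on ip_forward) can be checked for before a firewall script is deployed. This is an added example, not code from either poster; the function name check_fw_script and its optional second argument are hypothetical, and it is a static text check that only recognises the echo and sysctl forms of enabling forwarding.

```shell
#!/bin/sh
# Added example: lint a firewall script for "routes packets but never
# enables ip_forward". Usage: check_fw_script SCRIPT [PROC_FILE]
#   0 = nothing to flag (script does not route, enables forwarding itself,
#       or forwarding is already on in PROC_FILE)
#   1 = script has NAT/FORWARD rules but forwarding is off and never enabled
#   2 = script is not readable
check_fw_script() {
    script=$1
    # PROC_FILE is overridable so the check can be run against a saved copy.
    proc_file=${2:-/proc/sys/net/ipv4/ip_forward}
    [ -r "$script" ] || return 2

    # Drop full-line and trailing comments so a commented-out rule or
    # commented-out "echo 1 > ..." is not counted.
    body=$(sed -e 's/^[[:space:]]*#.*$//' -e 's/[[:space:]]#.*$//' "$script")

    # Does the script route at all? Look for a MASQUERADE/SNAT target
    # or rules appended to the FORWARD chain.
    if ! printf '%s\n' "$body" |
        grep -Eq -e '-j[[:space:]]+(MASQUERADE|SNAT)|-A[[:space:]]+FORWARD'
    then
        return 0
    fi

    # Does the script enable forwarding itself?
    if printf '%s\n' "$body" |
        grep -Eq -e 'echo[[:space:]]+"?1"?[[:space:]]*>[[:space:]]*/proc/sys/net/ipv4/ip_forward' \
                 -e 'sysctl[[:space:]].*net\.ipv4\.ip_forward=1'
    then
        return 0
    fi

    # Otherwise it only works if forwarding is already on.
    if [ -r "$proc_file" ] && [ "$(cat "$proc_file")" = "1" ]; then
        return 0
    fi
    return 1
}
```

A return of 1 means the rules will load without error while routed packets are still dropped by the kernel, because a default DROP policy and a disabled ip_forward look the same from the LAN side.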