Forwarding not working, need help

Rob Sterenborg rob at sterenborg.info
Tue Nov 15 14:34:55 CET 2005


On Mon, November 14, 2005 20:49, fernando wrote:

*DON'T* do this:

> # Setting nat policies to drop:
>
> for TABLES in PREROUTING POSTROUTING OUTPUT
>  	do
>  		$IPTABLES -t nat -P $TABLES DROP
>  	done
>
> # Setting mangle policies to drop:
>
> for TABLES in INPUT PREROUTING POSTROUTING FORWARD OUTPUT
>  	do
>  		$IPTABLES -t mangle -P $TABLES DROP
>  	done

"Filtering" is done in the "filter" table; it is considered "bad
practice" to use other tables and if you're not sure about what you're
doing you may get unexpected results. Please read up on the subject in
the archives.
You must have read /dev/rob0's post that the nat and mangle rules were
a "horrible abuse". I suppose he meant this.

I didn't check the rest of your script. It could be it still doesn't
work if you delete the above, but it may as well.

Personally, I think you had better start with a simple script (this
one contains rules normally not needed in forwarding) and add rules
you think you need when you've got things working.


Gr,
Rob
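
Added example, not part of the original post: a check that reads `iptables-save` output, flags every built-in chain outside the filter table whose policy is DROP (the state the quoted loops produce), and prints the command that resets it to ACCEPT. The function names, the constructed sample ruleset and the literal `iptables` binary name (the quoted script uses `$IPTABLES`) are assumptions.

```shell
#!/bin/sh
# Added example: audit iptables-save output for DROP policies outside the
# filter table and print the commands that would reset them to ACCEPT.

# Constructed sample: the state the quoted loops would leave behind.
# The filter table keeps a DROP FORWARD policy, which is where it belongs.
sample_ruleset() {
cat <<'EOF'
*nat
:PREROUTING DROP [0:0]
:POSTROUTING DROP [0:0]
:OUTPUT DROP [0:0]
COMMIT
*mangle
:PREROUTING DROP [0:0]
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
:POSTROUTING DROP [0:0]
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
EOF
}

# Reads iptables-save format on stdin. A "*name" line starts a table and
# ":CHAIN POLICY [pkts:bytes]" declares a chain with its policy.
# User-defined chains carry "-" as policy, so they never match DROP.
nonfilter_drop_fixes() {
    awk '
        /^\*/ { table = substr($1, 2); next }
        /^:/  {
            chain = substr($1, 2)
            if (table != "filter" && $2 == "DROP")
                printf "iptables -t %s -P %s ACCEPT\n", table, chain
        }
    '
}

# Stand-alone run on the constructed sample.
sample_ruleset | nonfilter_drop_fixes
```

On a live system the same function can be fed with `iptables-save | nonfilter_drop_fixes`; review the printed commands before running them as root.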




