Am Di, den 15.06.2004 schrieb Michael Floyd um 19:29: > Well I see that your using a 24 bit subnet mask ( 255.255.255.0 ) not a 16 > bit ( 255.255.0.0 ) > It would be your firewall rules that are blocking you..... Right. > These two lines...... > # iptables -A FORWARD -s 192.168.0.0/16 -j ACCEPT# iptables -A FORWARD > -d 192.168.0.0/16 -j ACCEPT > # iptables -A FORWARD -s ! 192.168.0.0/16 -j DROP > > the ip's should be 192.168.1.0/24 not 192.168.0.0/16 > the way it's writen, you drop everthing on your subnet. No :) That doesn't matter. 192.168.0.0/16 includes the 192.168.1.0/24 net. He is just bit more permissive than it needs. But does no harm. What is causing the blocking is: iptables -A FORWARD -s ! 192.168.0.0/16 -j DROP It drops all incoming traffic not being from the private address range. Thus packages from public internet are dropped. What you intend is better placed to the INPUT chain. > Michael Floyd Alexander -- Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13 Fedora GNU/Linux Core 2 (Tettnang) on Athlon CPU kernel 2.6.6-1.435 Serendipity 19:36:44 up 16:03, 8 users, 0.31, 0.29, 0.31
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
