Well, at least I tried. I was along the right lines though and Rodolfo J. Paiz hit it right on the head. I think I'll just stick to reading instead of awnsering. And BTW. I agree with the "FC2 Issues" thread.... Those kind of bugs should NOT make it into a offical release that isn't an RC. ( alas, I too was bitten by the duel boot bug and so where quite a few others that I know. ) -----Original Message----- From: fedora-list-bounces@xxxxxxxxxx [mailto:fedora-list-bounces@xxxxxxxxxx]On Behalf Of Alexander Dalloz Sent: June 15, 2004 1:45 PM To: For users of Fedora Core releases Subject: Re: nat masquerade router Am Di, den 15.06.2004 schrieb Michael Floyd um 19:29: > Well I see that your using a 24 bit subnet mask ( 255.255.255.0 ) not a 16 > bit ( 255.255.0.0 ) > It would be your firewall rules that are blocking you..... Right. > These two lines...... > # iptables -A FORWARD -s 192.168.0.0/16 -j ACCEPT# iptables -A FORWARD > -d 192.168.0.0/16 -j ACCEPT > # iptables -A FORWARD -s ! 192.168.0.0/16 -j DROP > > the ip's should be 192.168.1.0/24 not 192.168.0.0/16 > the way it's writen, you drop everthing on your subnet. No :) That doesn't matter. 192.168.0.0/16 includes the 192.168.1.0/24 net. He is just bit more permissive than it needs. But does no harm. What is causing the blocking is: iptables -A FORWARD -s ! 192.168.0.0/16 -j DROP It drops all incoming traffic not being from the private address range. Thus packages from public internet are dropped. What you intend is better placed to the INPUT chain. > Michael Floyd Alexander -- Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13 Fedora GNU/Linux Core 2 (Tettnang) on Athlon CPU kernel 2.6.6-1.435 Serendipity 19:36:44 up 16:03, 8 users, 0.31, 0.29, 0.31
