Am Mo, den 30.08.2004 schrieb Hans Christian Studt um 21:49: Please don't change the reply address like you did. It is very uncomfortable to always have to check that a reply will go to the list! > >What is the content of /etc/sysconfig/iptables and especially line 13 in > >this file? Seems you have wrong syntax in there. > > ========== /etc/sysconfig/iptables ========== > 1 *filter > 2 :INPUT ACCEPT [0:0] > 3 :FORWARD ACCEPT [0:0] > 4 :OUTPUT ACCEPT [0:0] > 5 :RH-Firewall-1-INPUT - [0:0] > 6 -A INPUT -j RH-Firewall-1-INPUT > 7 -A FORWARD -j RH-Firewall-1-INPUT > 8 -A RH-Firewall-1-INPUT -i lo -j ACCEPT > 9 -A RH-Firewall-1-INPUT -i eth0 -j ACCEPT > 10 -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT > 11 -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT > 12 -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited > 13 -t nat -A POSTROUTING -o ppp0 -j MASQUERADE > 14 COMMIT > ========== /etc/sysconfig/iptables ========== > > Mvh Hans Christian Studt Right, the error is abvious. You have a wrong command line (line 13) in the filter section. Remove line 13. Add to top of the iptables file following: *nat :PREROUTING ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A POSTROUTING -o ppp0 -j MASQUERADE COMMIT Run "service iptables restart" and all is fine. Alexander -- Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13 Fedora GNU/Linux Core 2 (Tettnang) kernel 2.6.8-1.521smp Serendipity 22:17:14 up 19:33, 12 users, 0.44, 0.22, 0.18
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
