9:48pm Antonio said:
I installed a new modem ADSL2+ that doesn' t need pppo any longer because it starts connection by himself I had this set of rules on my my computer acting as a router. When I switched from the old to the new modem, the computer on the lan didn't surf the net, the I realized that I had to change some rule. # Generated by iptables-save v1.2.6a on Fri Feb 21 09:27:33 2003 *nat :OUTPUT ACCEPT [0:0] :PREROUTING ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] -A POSTROUTING -s 192.168.0.0/24 -o ppp0 -j MASQUERADE # Forward HTTP connections to Squid proxy -A PREROUTING -p tcp -m tcp -i eth0 --dport 80 -j REDIRECT --to-ports 3128 COMMIT # Completed on Fri Feb 21 09:27:33 2003 # Generated by iptables-save v1.2.6a on Fri Feb 21 09:27:33 2003 *mangle :PREROUTING ACCEPT [9:432] :INPUT ACCEPT [3:234] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [9:684] :POSTROUTING ACCEPT [17:1292] COMMIT # Completed on Fri Feb 21 09:27:33 2003 # Generated by iptables-save v1.2.6a on Fri Feb 21 09:27:33 2003 *filter :FORWARD DROP [0:0] :INPUT DROP [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -i lo -j ACCEPT -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A FORWARD -i eth0 -j ACCEPT -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -i eth0 -j ACCEPT COMMIT # Completed on Fri Feb 21 09:27:33 2003 _______________________________________________________ I replaced the postrouting line by: -A POSTROUTING -s 192.168.0.0/24 -o eth1 -j MASQUERADE But the LAN didn't work. Where is the mistake???
Take a closer look at "iptables-save -c" preferably run in the year 2007 after making your change.
Are you really sure the problem is iptables related? You might also peek at "ip addr" and "ip route" just to make sure you still don't have something goofy leftover in your routing like default dev ppp0.
../C
