On Thursday 20 November 2008 13:52, Christopher K. Johnson wrote: > Does /etc/sysconfig/iptables actually contain the lines > > *nat > > :PREROUTING ACCEPT [1:233] > :POSTROUTING ACCEPT [0:0] > :OUTPUT ACCEPT [0:0] > > -A POSTROUTING -s 192.168.1.0/24 -o eth0 -j SNAT --to-source 10.154.19.210 > COMMIT > > It seems unlikely that it was written correctly since the restart did > not implement your SNAT rule, and this file is what a restart reads. > Perhaps there is a bug in iptables-save? I edit > /etc/sysconfig/iptables directly, and recommend that if you are not > using some firewall front-end or tool to do this, that you do the same. :-) I am not that much pro for iptables as for dhcp --- in fact, I gave up on learning iptables syntax a long time ago and rely on guis for configuration --- but wouldn't it be much much easier for the OP to set up nat using, say, firestarter? First "yum install firestarter". Then run it and answer the questions that wizard asks. Activate NAT options, do not touch dhcp options (this is already configured). The eth1 device is the local network, while eth0 is the uplink to outside. I don't have two network cards here now so I cannot repeat exact steps, but it should be trivial in a sense. HTH, :-) Marko -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
