Mark Chong wrote:
regarding Q1 I'm not sure why it would have worked in the past but iptables -t nat -A POSTROUTING -s $LAN_NET -j MASQUERADEthis will masq all connections from the 192.168.1.0/24 range, even those that goto 192.168.2.0/24instead you should probably want something like iptables -t nat -A POSTROUTING -o $WAN_NIC -j MASQUERADE so that any traffic routed outside the network gets nat'd
Perfect. -- /Lars