Re: iptables - problem with a subnet

To: <michel@pikkaart.net>
Cc: <debian-firewall@lists.debian.org>
Subject: Re: iptables - problem with a subnet
From: Yuriy Vostrikoff <mon@lcpi.lipetsk.ru>
Date: Sat, 31 Aug 2002 15:13:51 +0400
Message-id: <[🔎] 877ki7jn68.fsf@phobos.loc>
Reply-to: mon@lcpi.lipetsk.ru
In-reply-to: <[🔎] 000801c250c6$c2a3da20$cab36291@michel> ("Michel Pikkaart"'s message of "Sat, 31 Aug 2002 10:16:46 +0200")
References: <[🔎] 000801c250c6$c2a3da20$cab36291@michel>

"Michel Pikkaart" <michel@pikkaart.net> writes:


> I have a little network <IP>/29 at home. My server has IP number
> x.x.x.206. What I would like is to give all my computers on my local
> network full access to my server. So I put this as first at top of my
> iptables list. for example my ranges is 10.1.1.0/29
>
> -A INPUT -s 10.1.1.200/29 -j ACCEPT       (policy is DROP)
>
> but this doesn't work. So I try the rules here below and this does work
> very well.
>
>
> Does someone know what I'm doing wrong?
>

Probably you forgot to permit packets get out from server :
-A OUTPUT -d 10.1.1.200/29 -o eth0 -j ACCEPT
same for FORWARD chain.  And it`s better to set in/out interfaces
explicitly. 
You should add at the bootom of every chain log rules to see what`s
going on.

-- 
	Mon at phobos.loc
	Der kalte Mond in voller Pracht...
	The Moon is Waning Crescent (46% of Full)

Reply to:

Follow-Ups:
- RE: iptables - problem with a subnet
  - From: "Michel Pikkaart" <michel@pikkaart.net>

References:
- iptables - problem with a subnet
  - From: "Michel Pikkaart" <michel@pikkaart.net>

Prev by Date: iptables - problem with a subnet
Next by Date: RE: iptables - problem with a subnet
Previous by thread: iptables - problem with a subnet
Next by thread: RE: iptables - problem with a subnet
Index(es):
- Date
- Thread