RE: iptables - problem with a subnet
No I wasn't forgotten to put the rules for OUTPUT. When I tested the
rules I logged every dropped packet in my syslog. I found 10.1.1.203
with IN=eth0 OUT= means the trouble start right at receiving the
Thanks for the suggestion :)
Kind regards Michel.
From: email@example.com [mailto:firstname.lastname@example.org] On Behalf Of Yuriy
Sent: zaterdag 31 augustus 2002 13:14
Subject: Re: iptables - problem with a subnet
"Michel Pikkaart" <email@example.com> writes:
> I have a little network <IP>/29 at home. My server has IP number
> x.x.x.206. What I would like is to give all my computers on my local
> network full access to my server. So I put this as first at top of my
> iptables list. for example my ranges is 10.1.1.0/29
> -A INPUT -s 10.1.1.200/29 -j ACCEPT (policy is DROP)
> but this doesn't work. So I try the rules here below and this does
> work very well.
> Does someone know what I'm doing wrong?
Probably you forgot to permit packets get out from server :
-A OUTPUT -d 10.1.1.200/29 -o eth0 -j ACCEPT
same for FORWARD chain. And it`s better to set in/out interfaces
You should add at the bootom of every chain log rules to see what`s
Mon at phobos.loc
Der kalte Mond in voller Pracht...
The Moon is Waning Crescent (46% of Full)
To UNSUBSCRIBE, email to firstname.lastname@example.org
with a subject of "unsubscribe". Trouble? Contact