[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

RE: iptables - problem with a subnet


No I wasn't forgotten to put the rules for OUTPUT. When I tested the
rules I logged every dropped packet in my syslog. I found
with IN=eth0 OUT=  means the trouble start right at receiving the

Thanks for the suggestion :)

Kind regards Michel.

-----Original Message-----
From: mon@phobos.loc [mailto:mon@phobos.loc] On Behalf Of Yuriy
Sent: zaterdag 31 augustus 2002 13:14
To: michel@pikkaart.net
Cc: debian-firewall@lists.debian.org
Subject: Re: iptables - problem with a subnet

"Michel Pikkaart" <michel@pikkaart.net> writes:

> I have a little network <IP>/29 at home. My server has IP number 
> x.x.x.206. What I would like is to give all my computers on my local 
> network full access to my server. So I put this as first at top of my 
> iptables list. for example my ranges is
> -A INPUT -s -j ACCEPT       (policy is DROP)
> but this doesn't work. So I try the rules here below and this does 
> work very well.
> Does someone know what I'm doing wrong?

Probably you forgot to permit packets get out from server :
-A OUTPUT -d -o eth0 -j ACCEPT
same for FORWARD chain.  And it`s better to set in/out interfaces
You should add at the bootom of every chain log rules to see what`s
going on.

	Mon at phobos.loc
	Der kalte Mond in voller Pracht...
	The Moon is Waning Crescent (46% of Full)

To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact

Reply to: