Re: eth1 - iptables do not work

[Tamas Hegedus <hegedus@med.unc.edu>]

THANKS a LOT!
It works now :-)))

Sometimes I can be frustrated for several days and not recognize such a 
pity mistake :-(

Juan Céspedes wrote:
> On Thu, Oct 9, 2008 at 2:19 PM, Tamas Hegedus <hegedus@med.unc.edu> wrote:
> > iptables -L -nv
> > Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
> >  pkts bytes target     prot opt in     out     source destination
> >   43 11505 ACCEPT     all  --  *      lo      0.0.0.0/0 0.0.0.0/0
> >    4   270 ACCEPT     all  --  *      eth0    152.19.83.61 0.0.0.0/0
> >    0     0 ACCEPT     all  --  *      eth0    192.168.15.0/24 0.0.0.0/0
> >    0     0 drop-and-log-it  all  --  *      *       0.0.0.0/0   0.0.0.0/0
>
> You don't have any rule to let the answer packets get out of this
> machine to 192.168.15.0/24.
>
> I would add something like:
> iptables -I OUTPUT -o eth1 -d 192.168.15.0/24 -j ACCEPT
>
> (oh, and btw, your 3rd rule shouldn't be there; this machine should
> not output any packets from ip range 192.168.15.0/24)

--
Tamas Hegedus, PhD          | phone: (1) 919-966 0329
UNC - Biochem & Biophys     | fax:   (1) 919-966 5178
6107 Thurston-Bowles Bldg   | mailto:hegedus@med.unc.edu
Chapel Hill, NC, 27599-7248 | http://biohegedus.org