iptables forwarding rule

To: debian-isp@lists.debian.org
Subject: iptables forwarding rule
From: Ritesh Raj Sarraf <rrs@researchut.com>
Date: Sun, 26 Mar 2006 02:54:10 +0530
Message-id: <[🔎] e04cef$jo2$1@sea.gmane.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

What would the following mean ?

echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -P FORWARD DROP
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i tap0 -o eth0 -j ACCEPT

Now when I ping to any external host (like yahoo.com) from my User Mode
Linux based VM, it doesn't.

But adding another rule:
iptables -A FORWARD -i eth0 -o tap0 -j ACCEPT

makes everything work.

Can anyone help me with what I'm wrong at ?

Thanks,
Ritesh
- -- 
Ritesh Raj Sarraf
RESEARCHUT -- http://www.researchut.com
"Necessity is the mother of invention."
"Stealing logic from one person is plagiarism, stealing from many is
research."
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFEJbUB4Rhi6gTxMLwRAuaFAJ9LAY3d8MFrYR+cBZjKJg+ZD+YOOACfRZNZ
ojUmXg/TL0XueRtQe7+cqeM=
=hTwj
-----END PGP SIGNATURE-----

Reply to:

Follow-Ups:
- Re: iptables forwarding rule
  - From: martin f krafft <madduck@debian.org>

Prev by Date: SATA on HP ML110 G3
Next by Date: Re: iptables forwarding rule
Previous by thread: SATA on HP ML110 G3
Next by thread: Re: iptables forwarding rule
Index(es):
- Date
- Thread