You are not logged in.
Pages: 1
eth0 - internet, eth1 - lan
iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
from lan i can ping server eth0 and eth1 ip.
from server i can ping client ip and any internet ip.
i CANT ping any internet ip from client
where is mistake? maybe archlinux kernel dont support ip forwarding?
Offline
It's something with your nat configuration. Try using this firewall generator, it has the nat tables included. Even if you dont want to use the script, it produces commented output with the rules that you may find usefull.
Just run the included script and it will ask you a series of questions.
Offline
echo 1 > /proc/sys/net/ipv4/ip_forward
perhaps?
Offline
echo 1 > /proc/sys/net/ipv4/ip_forward
perhaps?
i already tried that
Offline
Best to give your whole config then, and slightly more detail as how the network looks like. (It can also be a stupid DNS problem instead.)
Offline
quicktables worked great, apperantly it needs to reboot to start effect of new config
thx everyone
Offline
Once you've rebooted you can always do a
/etc/rc.d/iptables save
to hard coat a config file for iptables. That way its convient to start,stop, flush and add new rules on the fly. Just remember to add iptables to your DAEMONS() array and comment out the path you provided earlier in /etc/rc.local.
Edit: you may have to create a new file 'iptables.rules' in /etc/iptables/ to get it to work.
Offline
Pages: 1