Hi all.
I have used iptables for 2 years and I thought I was able to resolve any
problem, but I can't understand this one.
I use a Debian machine as a gateway for another machine at home.
Kernel is 2.6.7.
eth0 is inside my network.
ppp0 is my internet connection.
The gateway machine has absolutely no problem: everything is fine.
The other machine CAN ONLY ACCESS GOOGLE!!!!!
No other site is working!
I used tcpflow to see what happens when my internal machine tries to
access the internet: I can see the post, but no reply.
What's more, the question is asked 3 times but it is only sent once by the
machine.
I tried by hand:
telnet 10.0.0.1
Trying 195.42.251.40...
Connected to www.fnac.com.
Escape character is '^]'.
GET / HTTP/1.0
Host: www.yahoo.com
And I see, in the tcpflow output:
010.000.020.099.32782-216.109.118.074.00080: GET / HTTP/1.0
010.000.020.099.32782-216.109.118.074.00080: Host: www.yahoo.com
010.000.020.099.32782-216.109.118.074.00080: Host: www.yahoo.com
010.000.020.099.32782-216.109.118.074.00080: Host: www.yahoo.com
216.109.118.074.00080-010.000.020.099.32782: b>Shop</b></font></td><td colspan=2><font face=a
216.109.118.74 is really Yahoo:
;; ANSWER SECTION:
74.118.109.216.in-addr.arpa. 924 IN PTR p11.www.dcn.yahoo.com.
More info:
IP forwarding is activated in /etc/network/options.
The rules are:
*nat
-A POSTROUTING -o ppp0 -j MASQUERADE
COMMIT
*filter
-A INPUT -i eth0 -j ACCEPT
-A OUTPUT -o eth0 -j ACCEPT
-A FORWARD -i eth0 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A INPUT -i ppp0 -m state --state ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -o ppp0 -j ACCEPT
-A FORWARD -i ppp0 -o eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
COMMIT
I really don't understand what is happening.
Can anybody help, or will I become crazy?
Thanks in advance for any help.
Mike