[NBLUG/talk] iptables guidance/guru?
Tim C. Lewis
tclewis at oreilly.com
Mon Feb 12 13:41:44 PST 2007
On Mon, 12 Feb 2007, Glen Gunsalus wrote:
> However, the default iptables set up by S35firewall (and probably the natting)
> doesn't let me pass traffic between the subnets.

could it just be that ip forwarding isn't enabled?
do: cat /proc/sys/net/ipv4/ip_forward;
output should be 1, not 0. if 0:
echo 1 > /proc/sys/net/ipv4/ip_forward;
and/or add "net.ipv4.ip_forward = 1" to /etc/sysctl.conf and run
sysctl -p /etc/sysctl.conf

that's the first thing that comes to mind. dunno what the default setting
for openwrt is.

> Is there a sane way to get where I want w/o having to master iptables (looks
> rather formidable to me at this point after looking at e tutorials).

sure, but it always helps to know what each rule is doing. could always
test with no firewall rules before adding them -- stop the firewall
service, see if traffic routes under those circumstances before moving
forward with drop/deny rules.

-tcl.
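
An added example, not part of the original message: a small shell diagnostic that separates the two causes discussed above (kernel forwarding switched off versus the firewall's FORWARD chain) and also flags a runtime setting that is missing from /etc/sysctl.conf. The function names and result strings are hypothetical, and it assumes the `-P FORWARD <policy>` line that `iptables -S FORWARD` prints.

```shell
#!/bin/sh
# Usage on the router (as root):  iptables -S FORWARD | diagnose
# File paths are parameters so the checks can be run against copies.

# Runtime state: the kernel's ip_forward switch (1 = routing enabled).
runtime_forward() {
    cat "${1:-/proc/sys/net/ipv4/ip_forward}" 2>/dev/null || echo unknown
}

# Persistent state: last uncommented net.ipv4.ip_forward value in
# sysctl.conf, or "unset" when no such line exists.
persistent_forward() {
    val=$(sed -n 's/^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*\([01]\)[[:space:]]*$/\1/p' \
        "${1:-/etc/sysctl.conf}" 2>/dev/null | tail -n 1)
    echo "${val:-unset}"
}

# Default policy of the FORWARD chain, read from `iptables -S FORWARD`
# output on stdin (assumed format: "-P FORWARD DROP").
forward_policy() {
    awk '$1 == "-P" && $2 == "FORWARD" { print $3; found = 1 }
         END { if (!found) print "unknown" }'
}

# args: [proc_file] [sysctl_conf]; stdin: iptables -S FORWARD output.
# Prints the first problem found, checked in the order traffic meets it.
diagnose() {
    rt=$(runtime_forward "$1")
    ps=$(persistent_forward "$2")
    pol=$(forward_policy)
    if [ "$rt" != "1" ]; then
        # Kernel will not route at all; firewall rules are irrelevant yet.
        echo "ip_forward-off"
    elif [ "$pol" != "ACCEPT" ]; then
        # Routing is on; anything not matched by an explicit ACCEPT rule
        # in FORWARD is dropped, so the rules need reviewing.
        echo "forward-policy-$pol"
    elif [ "$ps" != "1" ]; then
        # Works now, but the setting will be lost on reboot.
        echo "not-persistent"
    else
        echo "ok"
    fi
}
```

A `forward-policy-DROP` result is a pointer to the FORWARD rules, not proof that they block the inter-subnet traffic; explicit ACCEPT rules in that chain may still allow it.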