> I appears to already to the drop policy first, as you say.  I think we
> just need "the allow everything from eth1 to eth2" and we'll be good to
> go.

OK, I added these to rc.firewall.local and from the command line:

/sbin/iptables -A FORWARD -i eth1 -o eth2 -j ACCEPT
/sbin/iptables -A FORWARD -i eth2 -o eth1 -m state --state
ESTABLISHED,RELATED -j ACCEPT

I'll go put some things together for the meeting and test this functionality.

Alan



---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change  you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss