\_ SMTP quoth Steve Holmes on 2/25/2002 14:30 as having spake thusly:
\_
\_ Actually, I can't do it from the firewall box nor the inside. One thing I
\_ can tell for sure, I can communicate back and forth between the local
\_ boxes but nobody can get outside with ping, traceroute, dig or any of
\_ those good buddies. The forward chain does look identical to what you
\_ suggested below. I need to dig into the input chain, I believe. This
\_ package script uses an inet-in rule to set up the various permissions and
\_ the internet device (netward card) is defaulted to this internet rule. If
\_ allowed through, those ports are '-j ACCEPT'. But devices lo (loopback)
\_ and LAN card (eth0 in my case) both default to input -j ACCEPT so they
\_ should be getting through no matter what, I would think. So I'm either
\_ missing something or there may be a bug in my implementation of ipchains.
You may need to to -j ACCEPT in masquerade chain for trusted devices?
(text/plain)