l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
September 2: Social gathering
Next Installfest:
TBD
Latest News:
Aug. 18: Discounts to "Velocity" in NY; come to tonight's "Photography" talk
Page last updated:
2005 Jul 27 23:05

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] HTTP Routing Strangeness - SOLVED
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] HTTP Routing Strangeness - SOLVED



On Mon, 25 Jul 2005, Rod Roark wrote:

On Monday 25 July 2005 03:22 pm, Chris Jenks wrote:
   Setting the iptables rules starts with:

iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -m state --state NEW -i ! ppp0 -j ACCEPT
iptables -P INPUT DROP
iptables -A FORWARD -i ppp0 -o ppp0 -j REJECT
Seems like this would drop all your incoming UDP packets, e.g.
responses to DNS queries.  Regardless, try starting with the
simplest possible firewall with NAT and add things a little at
a time until you find something that breaks it.

-- Rod
I remembered that I had to adjust the MTU from 1500 to 1492 on the router when I set up pppoe on it, and when I read about MTU again, I realized that I also need to adjust it on the host machines behind the firewall as well. When I lowered the setting on one of the hosts from 1500 to 1412, I could download mail.yahoo.com/index.html.

Yours,

Chris
_______________________________________________
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
O'Reilly and Associates
For numerous book donations.