LinuxQuestions.org
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Old 10-07-2002, 01:10 PM   #1
opera_sys
LQ Newbie
 
Registered: Sep 2002
Posts: 12

IP MASQ with Samba


I am running Mandrake 9.0 and have run into a problem. After enabling my ISP connection sharing via IP Masquerading my SAMBA services are now unavailable. Does anyone know of an easy fix? Any ideas would be appreciated. Much Thanks-
 
Old 10-07-2002, 03:12 PM   #2
Mara
Moderator
 
Registered: Feb 2002
Location: Grenoble
Distribution: Debian
Posts: 9,696

Could you post results of
iptables -L
 
Old 10-07-2002, 03:29 PM   #3
opera_sys
LQ Newbie
 
Registered: Sep 2002
Posts: 12

Original Poster
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
 
Old 10-07-2002, 03:57 PM   #4
Mara
Moderator
 
Registered: Feb 2002
Location: Grenoble
Distribution: Debian
Posts: 9,696

Well, so you don't have masquerading on. Maybe your Samba is just not running? Try
ps aux|grep smb
 
Old 10-08-2002, 08:45 AM   #5
opera_sys
LQ Newbie
 
Registered: Sep 2002
Posts: 12

Original Poster
My apologies. I have several servers running and in my rush I accessed the wrong one. iptables -L output is:

[root@mss2 root]# iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ppp0_in all -- anywhere anywhere
eth0_in all -- anywhere anywhere
eth1_in all -- anywhere anywhere
eth2_in all -- anywhere anywhere
common all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix `Shorewall:INPUT:REJECT:'
reject all -- anywhere anywhere

Chain FORWARD (policy DROP)
target prot opt source destination
ppp0_fwd all -- anywhere anywhere
eth0_fwd all -- anywhere anywhere
eth1_fwd all -- anywhere anywhere
eth2_fwd all -- anywhere anywhere
common all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix `Shorewall:FORWARD:REJECT:'
reject all -- anywhere anywhere

Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere state NEW,RELATED,ESTABLISHED
fw2net all -- anywhere anywhere
fw2masq all -- anywhere anywhere
all2all all -- anywhere anywhere
all2all all -- anywhere anywhere
common all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix `Shorewall:OUTPUT:REJECT:'
reject all -- anywhere anywhere

Chain all2all (11 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
newnotsyn tcp -- anywhere anywhere state NEW tcp flags:!SYN,RST,ACK/SYN
common all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix `Shorewall:all2all:REJECT:'
reject all -- anywhere anywhere

Chain common (5 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere icmp echo-request
icmpdef icmp -- anywhere anywhere
DROP tcp -- anywhere anywhere state INVALID
REJECT udp -- anywhere anywhere udp dpts:netbios-ns:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere udp dpt:microsoft-ds reject-with icmp-port-unreachable
reject tcp -- anywhere anywhere tcp dpt:135
DROP udp -- anywhere anywhere udp dpt:1900
DROP all -- anywhere 255.255.255.255
DROP all -- anywhere BASE-ADDRESS.MCAST.NET/4
reject tcp -- anywhere anywhere tcp dpt:auth
DROP all -- anywhere 192.168.0.255
DROP all -- anywhere 10.0.0.255
DROP all -- anywhere 192.168.0.255

Chain dynamic (8 references)
target prot opt source destination

Chain eth0_fwd (1 references)
target prot opt source destination
dynamic all -- anywhere anywhere
masq2net all -- anywhere anywhere
all2all all -- anywhere anywhere
all2all all -- anywhere anywhere

Chain eth0_in (1 references)
target prot opt source destination
dynamic all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp echo-request
masq2fw all -- anywhere anywhere

Chain eth1_fwd (1 references)
target prot opt source destination
dynamic all -- anywhere anywhere
loc2net all -- anywhere anywhere
all2all all -- anywhere anywhere
loc2loc all -- anywhere anywhere

Chain eth1_in (1 references)
target prot opt source destination
dynamic all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp echo-request
all2all all -- anywhere anywhere

Chain eth2_fwd (1 references)
target prot opt source destination
dynamic all -- anywhere anywhere
loc2net all -- anywhere anywhere
all2all all -- anywhere anywhere
loc2loc all -- anywhere anywhere

Chain eth2_in (1 references)
target prot opt source destination
dynamic all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp echo-request
all2all all -- anywhere anywhere

Chain fw2masq (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
newnotsyn tcp -- anywhere anywhere state NEW tcp flags:!SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ipp
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:netbios-ns
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:netbios-dgm
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:netbios-ssn
ACCEPT udp -- anywhere anywhere state NEW udp dpt:631
ACCEPT udp -- anywhere anywhere state NEW udp dpt:netbios-ns
ACCEPT udp -- anywhere anywhere state NEW udp dpt:netbios-dgm
ACCEPT udp -- anywhere anywhere state NEW udp dpt:netbios-ssn
all2all all -- anywhere anywhere

Chain fw2net (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
newnotsyn tcp -- anywhere anywhere state NEW tcp flags:!SYN,RST,ACK/SYN
ACCEPT all -- anywhere anywhere

Chain icmpdef (1 references)
target prot opt source destination

Chain loc2loc (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
newnotsyn tcp -- anywhere anywhere state NEW tcp flags:!SYN,RST,ACK/SYN
all2all all -- anywhere anywhere

Chain loc2net (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
newnotsyn tcp -- anywhere anywhere state NEW tcp flags:!SYN,RST,ACK/SYN
ACCEPT all -- anywhere anywhere

Chain masq2fw (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
newnotsyn tcp -- anywhere anywhere state NEW tcp flags:!SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:domain
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:bootps
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:http
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:https
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ipp
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:imap
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:pop3
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:nntp
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ntp
ACCEPT udp -- anywhere anywhere state NEW udp dpt:domain
ACCEPT udp -- anywhere anywhere state NEW udp dpt:bootps
ACCEPT udp -- anywhere anywhere state NEW udp dpt:http
ACCEPT udp -- anywhere anywhere state NEW udp dpt:https
ACCEPT udp -- anywhere anywhere state NEW udp dpt:631
ACCEPT udp -- anywhere anywhere state NEW udp dpt:imap
ACCEPT udp -- anywhere anywhere state NEW udp dpt:pop3
ACCEPT udp -- anywhere anywhere state NEW udp dpt:smtp
ACCEPT udp -- anywhere anywhere state NEW udp dpt:nntp
ACCEPT udp -- anywhere anywhere state NEW udp dpt:ntp
all2all all -- anywhere anywhere

Chain masq2net (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
newnotsyn tcp -- anywhere anywhere state NEW tcp flags:!SYN,RST,ACK/SYN
ACCEPT all -- anywhere anywhere

Chain net2all (4 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
newnotsyn tcp -- anywhere anywhere state NEW tcp flags:!SYN,RST,ACK/SYN
common all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix `Shorewall:net2all:DROP:'
DROP all -- anywhere anywhere

Chain newnotsyn (8 references)
target prot opt source destination
DROP all -- anywhere anywhere

Chain ppp0_fwd (1 references)
target prot opt source destination
dynamic all -- anywhere anywhere
net2all all -- anywhere anywhere
net2all all -- anywhere anywhere
net2all all -- anywhere anywhere

Chain ppp0_in (1 references)
target prot opt source destination
dynamic all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp echo-request
net2all all -- anywhere anywhere

Chain reject (6 references)
target prot opt source destination
REJECT tcp -- anywhere anywhere reject-with tcp-reset
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable

Chain shorewall (0 references)
target prot opt source destination
 
Old 10-08-2002, 08:56 AM   #6
opera_sys
LQ Newbie
 
Registered: Sep 2002
Posts: 12

Original Poster
The ISP connection share is working fine over the LAN. Also the SMB services are running according to the Mandrake Control Center. I am also able to browse the LAN with the Gnome Samba Browser from the server. If I use explorer from a Windows 98 machine I can see the MSS2 server. When I click on it the station returns "MSS2 is not accessible". I know the password encryption is set correctly. It looks like there might be some sort of firewall set but I did not install one. If you have any ideas I am all ears. Thanks again!
 
Old 10-08-2002, 09:00 AM   #7
opera_sys
LQ Newbie
 
Registered: Sep 2002
Posts: 12

Original Poster
In response to your last e-mail:

[root@mss2 root]# ps aux|grep smb
root 2221 0.0 0.3 4576 1720 ? S Oct07 0:00 smbd -D
root 5583 0.0 0.4 4952 2164 ? S Oct07 0:00 smbd -D
root 5584 0.0 0.1 3512 764 ? S Oct07 0:00 smbmount //MSS2/p
root 10645 0.0 0.1 1672 608 pts/3 S 09:59 0:00 grep smb
 
Old 10-08-2002, 12:29 PM   #8
peter_robb
Senior Member
 
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458

The Masquerading is done in the NAT table.

This is VERY hard to read, so please post the /etc/sysconfig/iptables file. There aren't enough references to interfaces here.
Mask out any sensitive ip numbers with xxx.xxx.xxx.xxx before you post...
If there isn't an iptables file, do a
service iptables save
to create one, then rename it to iptables.old so it won't interfere with the startup, and post that.

This piece...

Chain common (5 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere icmp echo-request
icmpdef icmp -- anywhere anywhere
DROP tcp -- anywhere anywhere state INVALID
REJECT udp -- anywhere anywhere udp dpts:netbios-ns: netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere udp dpt:microsoft-ds reject-with icmp-port-unreachable
reject tcp -- anywhere anywhere tcp dpt:135
DROP udp -- anywhere anywhere udp dpt:1900
DROP all -- anywhere 255.255.255.255
DROP all -- anywhere BASE-ADDRESS.MCAST.NET/4
reject tcp -- anywhere anywhere tcp dpt:auth
DROP all -- anywhere 192.168.0.255
DROP all -- anywhere 10.0.0.255
DROP all -- anywhere 192.168.0.255

looks like you are dropping the broadcast address & netbios udp packets from your local LAN, (if the rule applies to the lan interface)
This is how netbios communicates...

Regards,
Peter

Last edited by peter_robb; 10-08-2002 at 12:37 PM.
 
Old 10-08-2002, 01:30 PM   #9
opera_sys
LQ Newbie
 
Registered: Sep 2002
Posts: 12

Original Poster
# Generated by iptables-save v1.2.6a on Tue Oct 8 14:27:27 2002
*mangle
:PREROUTING ACCEPT [2024:942601]
:INPUT ACCEPT [931:328868]
:FORWARD ACCEPT [1093:613733]
:OUTPUT ACCEPT [919:125412]
:POSTROUTING ACCEPT [2017:747014]
:outtos - [0:0]
:pretos - [0:0]
[2024:942601] -A PREROUTING -j pretos
[919:125412] -A OUTPUT -j outtos
[0:0] -A outtos -p tcp -m tcp --dport 22 -j TOS --set-tos 0x10
[0:0] -A outtos -p tcp -m tcp --sport 22 -j TOS --set-tos 0x10
[0:0] -A outtos -p tcp -m tcp --dport 21 -j TOS --set-tos 0x10
[0:0] -A outtos -p tcp -m tcp --sport 21 -j TOS --set-tos 0x10
[0:0] -A outtos -p tcp -m tcp --sport 20 -j TOS --set-tos 0x08
[0:0] -A outtos -p tcp -m tcp --dport 20 -j TOS --set-tos 0x08
[0:0] -A pretos -p tcp -m tcp --dport 22 -j TOS --set-tos 0x10
[0:0] -A pretos -p tcp -m tcp --sport 22 -j TOS --set-tos 0x10
[0:0] -A pretos -p tcp -m tcp --dport 21 -j TOS --set-tos 0x10
[0:0] -A pretos -p tcp -m tcp --sport 21 -j TOS --set-tos 0x10
[0:0] -A pretos -p tcp -m tcp --sport 20 -j TOS --set-tos 0x08
[0:0] -A pretos -p tcp -m tcp --dport 20 -j TOS --set-tos 0x08
COMMIT
# Completed on Tue Oct 8 14:27:27 2002
# Generated by iptables-save v1.2.6a on Tue Oct 8 14:27:27 2002
*nat
:PREROUTING ACCEPT [320:35723]
:POSTROUTING ACCEPT [107:10848]
:OUTPUT ACCEPT [181:17652]
:ppp0_masq - [0:0]
[90:5120] -A POSTROUTING -o ppp0 -j ppp0_masq
[50:2733] -A ppp0_masq -s 192.168.0.0/255.255.255.0 -j MASQUERADE
COMMIT
# Completed on Tue Oct 8 14:27:27 2002
# Generated by iptables-save v1.2.6a on Tue Oct 8 14:27:27 2002
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
:all2all - [0:0]
:common - [0:0]
:dynamic - [0:0]
:eth0_fwd - [0:0]
:eth0_in - [0:0]
:eth1_fwd - [0:0]
:eth1_in - [0:0]
:eth2_fwd - [0:0]
:eth2_in - [0:0]
:fw2masq - [0:0]
:fw2net - [0:0]
:icmpdef - [0:0]
:loc2loc - [0:0]
:loc2net - [0:0]
:masq2fw - [0:0]
:masq2net - [0:0]
:net2all - [0:0]
:newnotsyn - [0:0]
:ppp0_fwd - [0:0]
:ppp0_in - [0:0]
:reject - [0:0]
:shorewall - [0:0]
[238:19094] -A INPUT -i lo -j ACCEPT
[352:262667] -A INPUT -i ppp0 -j ppp0_in
[341:47107] -A INPUT -i eth0 -j eth0_in
[0:0] -A INPUT -i eth1 -j eth1_in
[0:0] -A INPUT -i eth2 -j eth2_in
[0:0] -A INPUT -j common
[0:0] -A INPUT -j LOG --log-prefix "Shorewall:INPUT:REJECT:" --log-level 6
[0:0] -A INPUT -j reject
[555:549392] -A FORWARD -i ppp0 -j ppp0_fwd
[538:64341] -A FORWARD -i eth0 -j eth0_fwd
[0:0] -A FORWARD -i eth1 -j eth1_fwd
[0:0] -A FORWARD -i eth2 -j eth2_fwd
[0:0] -A FORWARD -j common
[0:0] -A FORWARD -j LOG --log-prefix "Shorewall:FORWARD:REJECT:" --log-level 6
[0:0] -A FORWARD -j reject
[238:19094] -A OUTPUT -o lo -j ACCEPT
[74:8660] -A OUTPUT -p icmp -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
[447:76449] -A OUTPUT -o ppp0 -j fw2net
[141:18393] -A OUTPUT -o eth0 -j fw2masq
[19:2816] -A OUTPUT -o eth1 -j all2all
[0:0] -A OUTPUT -o eth2 -j all2all
[0:0] -A OUTPUT -j common
[0:0] -A OUTPUT -j LOG --log-prefix "Shorewall:OUTPUT:REJECT:" --log-level 6
[0:0] -A OUTPUT -j reject
[0:0] -A all2all -m state --state RELATED,ESTABLISHED -j ACCEPT
[0:0] -A all2all -p tcp -m state --state NEW -m tcp ! --tcp-flags SYN,RST,ACK SYN -j newnotsyn
[341:47714] -A all2all -j common
[60:5400] -A all2all -j LOG --log-prefix "Shorewall:all2all:REJECT:" --log-level 6
[60:5400] -A all2all -j reject
[0:0] -A common -p icmp -m icmp --icmp-type 8 -j ACCEPT
[0:0] -A common -p icmp -j icmpdef
[0:0] -A common -p tcp -m state --state INVALID -j DROP
[272:40310] -A common -p udp -m udp --dport 137:139 -j REJECT --reject-with icmp-port-unreachable
[0:0] -A common -p udp -m udp --dport 445 -j REJECT --reject-with icmp-port-unreachable
[0:0] -A common -p tcp -m tcp --dport 135 -j reject
[0:0] -A common -p udp -m udp --dport 1900 -j DROP
[2:88] -A common -d 255.255.255.255 -j DROP
[0:0] -A common -d 224.0.0.0/240.0.0.0 -j DROP
[0:0] -A common -p tcp -m tcp --dport 113 -j reject
[10:1648] -A common -d 192.168.0.255 -j DROP
[5:824] -A common -d 10.0.0.255 -j DROP
[0:0] -A common -d 192.168.0.255 -j DROP
[538:64341] -A eth0_fwd -j dynamic
[538:64341] -A eth0_fwd -o ppp0 -j masq2net
[0:0] -A eth0_fwd -o eth1 -j all2all
[0:0] -A eth0_fwd -o eth2 -j all2all
[341:47107] -A eth0_in -j dynamic
[0:0] -A eth0_in -p icmp -m icmp --icmp-type 8 -j ACCEPT
[341:47107] -A eth0_in -j masq2fw
[0:0] -A eth1_fwd -j dynamic
[0:0] -A eth1_fwd -o ppp0 -j loc2net
[0:0] -A eth1_fwd -o eth0 -j all2all
[0:0] -A eth1_fwd -o eth2 -j loc2loc
[0:0] -A eth1_in -j dynamic
[0:0] -A eth1_in -p icmp -m icmp --icmp-type 8 -j ACCEPT
[0:0] -A eth1_in -j all2all
[0:0] -A eth2_fwd -j dynamic
[0:0] -A eth2_fwd -o ppp0 -j loc2net
[0:0] -A eth2_fwd -o eth0 -j all2all
[0:0] -A eth2_fwd -o eth1 -j loc2loc
[0:0] -A eth2_in -j dynamic
[0:0] -A eth2_in -p icmp -m icmp --icmp-type 8 -j ACCEPT
[0:0] -A eth2_in -j all2all
[0:0] -A fw2masq -m state --state RELATED,ESTABLISHED -j ACCEPT
[0:0] -A fw2masq -p tcp -m state --state NEW -m tcp ! --tcp-flags SYN,RST,ACK SYN -j newnotsyn
[0:0] -A fw2masq -p tcp -m state --state NEW -m tcp --dport 631 -j ACCEPT
[0:0] -A fw2masq -p tcp -m state --state NEW -m tcp --dport 137 -j ACCEPT
[0:0] -A fw2masq -p tcp -m state --state NEW -m tcp --dport 138 -j ACCEPT
[0:0] -A fw2masq -p tcp -m state --state NEW -m tcp --dport 139 -j ACCEPT
[29:3857] -A fw2masq -p udp -m state --state NEW -m udp --dport 631 -j ACCEPT
[76:6936] -A fw2masq -p udp -m state --state NEW -m udp --dport 137 -j ACCEPT
[26:5952] -A fw2masq -p udp -m state --state NEW -m udp --dport 138 -j ACCEPT
[0:0] -A fw2masq -p udp -m state --state NEW -m udp --dport 139 -j ACCEPT
[10:1648] -A fw2masq -j all2all
[362:71722] -A fw2net -m state --state RELATED,ESTABLISHED -j ACCEPT
[45:2340] -A fw2net -p tcp -m state --state NEW -m tcp ! --tcp-flags SYN,RST,ACK SYN -j newnotsyn
[40:2387] -A fw2net -j ACCEPT
[0:0] -A loc2loc -m state --state RELATED,ESTABLISHED -j ACCEPT
[0:0] -A loc2loc -p tcp -m state --state NEW -m tcp ! --tcp-flags SYN,RST,ACK SYN -j newnotsyn
[0:0] -A loc2loc -j all2all
[0:0] -A loc2net -m state --state RELATED,ESTABLISHED -j ACCEPT
[0:0] -A loc2net -p tcp -m state --state NEW -m tcp ! --tcp-flags SYN,RST,ACK SYN -j newnotsyn
[0:0] -A loc2net -j ACCEPT
[0:0] -A masq2fw -m state --state RELATED,ESTABLISHED -j ACCEPT
[0:0] -A masq2fw -p tcp -m state --state NEW -m tcp ! --tcp-flags SYN,RST,ACK SYN -j newnotsyn
[0:0] -A masq2fw -p tcp -m state --state NEW -m tcp --dport 53 -j ACCEPT
[0:0] -A masq2fw -p tcp -m state --state NEW -m tcp --dport 67 -j ACCEPT
[0:0] -A masq2fw -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
[0:0] -A masq2fw -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
[0:0] -A masq2fw -p tcp -m state --state NEW -m tcp --dport 631 -j ACCEPT
[0:0] -A masq2fw -p tcp -m state --state NEW -m tcp --dport 143 -j ACCEPT
[0:0] -A masq2fw -p tcp -m state --state NEW -m tcp --dport 110 -j ACCEPT
[0:0] -A masq2fw -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT
[0:0] -A masq2fw -p tcp -m state --state NEW -m tcp --dport 119 -j ACCEPT
[0:0] -A masq2fw -p tcp -m state --state NEW -m tcp --dport 123 -j ACCEPT
[0:0] -A masq2fw -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT
[0:0] -A masq2fw -p udp -m state --state NEW -m udp --dport 67 -j ACCEPT
[0:0] -A masq2fw -p udp -m state --state NEW -m udp --dport 80 -j ACCEPT
[0:0] -A masq2fw -p udp -m state --state NEW -m udp --dport 443 -j ACCEPT
[29:3857] -A masq2fw -p udp -m state --state NEW -m udp --dport 631 -j ACCEPT
[0:0] -A masq2fw -p udp -m state --state NEW -m udp --dport 143 -j ACCEPT
[0:0] -A masq2fw -p udp -m state --state NEW -m udp --dport 110 -j ACCEPT
[0:0] -A masq2fw -p udp -m state --state NEW -m udp --dport 25 -j ACCEPT
[0:0] -A masq2fw -p udp -m state --state NEW -m udp --dport 119 -j ACCEPT
[0:0] -A masq2fw -p udp -m state --state NEW -m udp --dport 123 -j ACCEPT
[312:43250] -A masq2fw -j all2all
[431:59272] -A masq2net -m state --state RELATED,ESTABLISHED -j ACCEPT
[54:2160] -A masq2net -p tcp -m state --state NEW -m tcp ! --tcp-flags SYN,RST,ACK SYN -j newnotsyn
[53:2909] -A masq2net -j ACCEPT
[899:811503] -A net2all -m state --state RELATED,ESTABLISHED -j ACCEPT
[0:0] -A net2all -p tcp -m state --state NEW -m tcp ! --tcp-flags SYN,RST,ACK SYN -j newnotsyn
[8:556] -A net2all -j common
[0:0] -A net2all -j LOG --log-prefix "Shorewall:net2all:DROP:" --log-level 6
[0:0] -A net2all -j DROP
[99:4500] -A newnotsyn -j DROP
[555:549392] -A ppp0_fwd -j dynamic
[555:549392] -A ppp0_fwd -o eth0 -j net2all
[0:0] -A ppp0_fwd -o eth1 -j net2all
[0:0] -A ppp0_fwd -o eth2 -j net2all
[352:262667] -A ppp0_in -j dynamic
[0:0] -A ppp0_in -p icmp -m icmp --icmp-type 8 -j ACCEPT
[352:262667] -A ppp0_in -j net2all
[0:0] -A reject -p tcp -j REJECT --reject-with tcp-reset
[60:5400] -A reject -j REJECT --reject-with icmp-port-unreachable
COMMIT
# Completed on Tue Oct 8 14:27:27 2002
 
Old 10-08-2002, 01:46 PM   #10
opera_sys
LQ Newbie
 
Registered: Sep 2002
Posts: 12

Original Poster
Rep: Reputation: 0
Just to keep you posted, I found a firewall installed called "Shorewall". It must have been installed by the Mandrake ISP sharing routine. My Apache services are up and running but I noticed I can not access Webmin either.
 
Old 10-08-2002, 03:46 PM   #11
Mara
Moderator
 
Registered: Feb 2002
Location: Grenoble
Distribution: Debian
Posts: 9,696

You need to unblock port 10000 for webmin, that's for sure.
 
Old 10-09-2002, 04:43 AM   #12
peter_robb
Senior Member
 
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458

Ok,
Your lan appears to be a 192.168.0.0 network using eth0
Your Internet is a dialup using ppp0

The prob is in the common chain...
[272:40310] -A common -p udp -m udp --dport 137:139 -j REJECT --reject-with icmp-port-unreachable
[2:88] -A common -d 255.255.255.255 -j DROP
[10:1648] -A common -d 192.168.0.255 -j DROP

It appears you have listed the "local" interface as "Untrusted" which is why everything is being dropped.
This is a good case for not putting these services on the firewall... (only an opinion, because I do it as well to allow access to log files)

I suggest you add "-i ! eth0" to each line to open them up, & add this to the end of the common chain
[0:0] -A common -i eth0 -j ACCEPT

This means doing it somehow in Shorewall, make "eth0 trusted",
or temporarily by changing this file directly, putting its name back to iptables and doing "service iptables restart"
This will only work until you reboot or Shorewall saves its script.

Regards,
Peter

Last edited by peter_robb; 10-09-2002 at 05:01 AM.
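A way to check Peter's diagnosis (post #8) and his fix (post #12) against the rules posted in post #9. This is an added example, not code from the thread or from Shorewall: it replays the blocking rules of the common chain against a constructed NetBIOS name-service broadcast arriving on eth0, before and after exempting the LAN interface, and confirms that the same port stays rejected when it arrives over ppp0. The interface negation is written as "! -i eth0", the placement current iptables accepts; Peter's "-i ! eth0" is the older form and the parser takes both. The 192.168.0.1 address used for the box is an assumption.

```python
import ipaddress
import shlex
# Blocking rules of the Shorewall "common" chain, copied from the iptables-save in
# post #9 (counters dropped; rules that cannot match a UDP packet are left out).
COMMON_BEFORE = [
    "-A common -p udp -m udp --dport 137:139 -j REJECT --reject-with icmp-port-unreachable",
    "-A common -d 255.255.255.255 -j DROP",
    "-A common -d 224.0.0.0/240.0.0.0 -j DROP",
    "-A common -d 192.168.0.255 -j DROP",
]

def parse_rule(line):
    """Pick out the matches this chain uses (-i, -p, -d, --dport) and the -j target."""
    toks = shlex.split(line.replace("-i ! ", "! -i "))   # also take 2002-era "-i ! eth0"
    rule, i = {"neg_iface": False}, 0
    while i < len(toks):
        t = toks[i]
        if t == "!":
            rule["neg_iface"] = True
            i += 1
            continue
        if t not in ("-i", "-p", "-d", "--dport", "-j"):  # -A, -m, --reject-with: ignored
            i += 1
            continue
        arg = toks[i + 1]
        if t == "-i":
            rule["iface"] = arg
        elif t == "-p":
            rule["proto"] = arg
        elif t == "-d":
            rule["dst"] = ipaddress.ip_network(arg, strict=False)
        elif t == "--dport":
            lo, _, hi = arg.partition(":")
            rule["dport"] = (int(lo), int(hi or lo))
        else:
            rule["target"] = arg
        i += 2
    return rule

def matches(rule, pkt):
    """pkt: dict with iface, proto, dst, dport (constructed packets, see below)."""
    if "iface" in rule and (pkt["iface"] == rule["iface"]) == rule["neg_iface"]:
        return False                      # interface test, inverted when preceded by "!"
    if "dst" in rule and ipaddress.ip_address(pkt["dst"]) not in rule["dst"]:
        return False
    if "dport" in rule and not rule["dport"][0] <= pkt["dport"] <= rule["dport"][1]:
        return False
    return rule.get("proto", pkt["proto"]) == pkt["proto"]

def verdict(rules, pkt):
    """First matching rule decides; falling off the end returns to the calling chain."""
    for line in rules:
        rule = parse_rule(line)
        if matches(rule, pkt):
            return rule["target"]
    return "RETURN"

def apply_peter_fix(rules, trusted="eth0"):
    """Post #12: exempt the LAN interface from each blocking rule, then accept the rest."""
    fixed = [r.replace("-A common ", f"-A common ! -i {trusted} ", 1) for r in rules]
    fixed.append(f"-A common -i {trusted} -j ACCEPT")
    return fixed
# Constructed packets: a NetBIOS name-service broadcast from the LAN, and the same
# port probed from the dial-up side (192.168.0.1 is an assumed LAN address of the box).
NBNS_FROM_LAN = {"iface": "eth0", "proto": "udp", "dst": "192.168.0.255", "dport": 137}
NBNS_FROM_NET = {"iface": "ppp0", "proto": "udp", "dst": "192.168.0.1", "dport": 137}

def demo():
    fixed = apply_peter_fix(COMMON_BEFORE)
    return verdict(COMMON_BEFORE, NBNS_FROM_LAN), verdict(fixed, NBNS_FROM_LAN), verdict(fixed, NBNS_FROM_NET)
```

demo() returns ("REJECT", "ACCEPT", "REJECT"): the LAN broadcast goes from rejected to accepted, while the net side is still rejected.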
 
Old 10-10-2002, 09:28 AM   #13
opera_sys
LQ Newbie
 
Registered: Sep 2002
Posts: 12

Original Poster
Much Thanks Peter. I owe you one!
 
  


All times are GMT -5. The time now is 08:25 PM.
