My problem is my xp laptop on the lan side of my linux machine isn't getting out consistently on the internet side of my linux machine - I'm assuming the problem is the iptables are messing with the packets somehow.
The behaviour of my laptop is:
- I can't ping anything on the internet, but it's picking up the right ip address
- Microsoft Messenger manages to connect through ok (so some stuff is definitely getting through)
- Outlook starts to download a little - like it connects, gets a few bytes and then just hangs
- Strange as it may sound, I can http to www.microsoft.com (but can't ping it) and I can http a little to some other sites (but this just stops after a few bytes)
The behaviour of my linux machine is:
- perfect; it does everything I want i.e. it connects nicely to the internet
What I'd like to happen, on my laptop, is:
- http, smtp, pop, telnet to be routed from my laptop (10.0.0.2) to my eth1 (10.0.0.1) and then out on to eth0 (out to NTL broadband) with appropriate natting
- have all inbound traffic associated with this do the opposite so it finds its way back to my xp laptop (10.0.0.2)
iptables currently reports (although I've had various other things in at various times):

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  10.0.0.0/24          anywhere
ACCEPT     all  --  anywhere             10.0.0.0/24
DROP       all  --  !10.0.0.0/24         anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
The script for this is:
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i eth1 -j ACCEPT
iptables -A FORWARD -s 10.0.0.0/24 -j ACCEPT
iptables -A FORWARD -d 10.0.0.0/24 -j ACCEPT
iptables -A FORWARD -s ! 10.0.0.0/24 -j DROP
Marc
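
An added example, not part of the original post: the posted `-d 10.0.0.0/24 -j ACCEPT` rule forwards any packet addressed to the LAN whether or not the laptop opened the connection, so this sketch expresses the goals listed in the post as a default-deny, connection-tracked ruleset instead. Interface names and the subnet are taken from the post; the DNS and ping rules, and the `run`/`APPLY` dry-run helper, are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: stateful replacement for the posted FORWARD rules.
# Interfaces and subnet come from the post; the port list maps the services
# named there (http, smtp, pop, telnet) to their standard TCP ports.
WAN=eth0
LAN=eth1
LAN_NET=10.0.0.0/24
TCP_PORTS="80 25 110 23"

# Hypothetical helper: dry run by default (prints each command).
# Set APPLY=1 and run as root to execute the commands instead.
run() {
    if [ "${APPLY:-0}" = 1 ]; then "$@"; else printf '%s\n' "$*"; fi
}

build_rules() {
    run sysctl -w net.ipv4.ip_forward=1
    run iptables -F FORWARD
    run iptables -t nat -F POSTROUTING
    # Default-deny forwarding: only traffic matched below passes.
    run iptables -P FORWARD DROP
    # Replies to connections the LAN opened, plus related ICMP errors,
    # are let back in; unsolicited inbound traffic is not.
    run iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    for port in $TCP_PORTS; do
        run iptables -A FORWARD -i "$LAN" -o "$WAN" -s "$LAN_NET" \
            -p tcp --dport "$port" -m conntrack --ctstate NEW -j ACCEPT
    done
    # Assumption: the laptop resolves names through an external DNS server.
    run iptables -A FORWARD -i "$LAN" -o "$WAN" -s "$LAN_NET" \
        -p udp --dport 53 -m conntrack --ctstate NEW -j ACCEPT
    # Assumption: outbound ping is wanted, since the post tests with it.
    run iptables -A FORWARD -i "$LAN" -o "$WAN" -s "$LAN_NET" \
        -p icmp --icmp-type echo-request -j ACCEPT
    # Source-NAT only LAN traffic leaving on the WAN interface.
    run iptables -t nat -A POSTROUTING -s "$LAN_NET" -o "$WAN" -j MASQUERADE
}

build_rules
```

Running `iptables -L FORWARD -v -n` afterwards shows the in/out interface columns and per-rule packet counters that the plain `-L` listing omits.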