I have set up a router as per the instructions at http://www.gentoo.org/doc/en/home-router-howto.xml. I've listed it at the bottom of this message. I use PPPoE to connect to the internet on eth1.

When I try to use certain websites on other PCs on my LAN, they won't load and time out, particularly www.bebo.com. This won't load on Win or Lin machines, even when the firewall is switched off on the client machine. I can get this site to load on the machine that has the router installed. Windows Messenger doesn't work on some PCs either.

Can anybody help?

#!/bin/bash
opts="status info"
PATH=/sbin:$PATH
export NETWORK=192.168.2.0/255.255.255.0
#First we flush our current rules
iptables -F
iptables -t nat -F
#Setup default policies to handle unmatched traffic
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP
#Copy and paste these examples ...
export LAN=eth0
export WAN=ppp0
#Then we lock our services so they only work from the LAN
iptables -I INPUT 1 -i ${LAN} -j ACCEPT
iptables -I INPUT 1 -i lo -j ACCEPT
# Negation goes before the option ("! -i"); the "-i ! iface" form is deprecated
iptables -A INPUT -p UDP --dport bootps ! -i ${LAN} -j REJECT
iptables -A INPUT -p UDP --dport domain ! -i ${LAN} -j REJECT
#(Optional) Allow access to our ssh server from the WAN
iptables -A INPUT -p TCP --dport ssh -j ACCEPT
#Drop TCP / UDP packets to privileged ports
iptables -A INPUT -p TCP ! -i ${LAN} -d 0/0 --dport 0:1023 -j DROP
iptables -A INPUT -p UDP ! -i ${LAN} -d 0/0 --dport 0:1023 -j DROP
#Finally we add the rules for NAT
iptables -I FORWARD -i ${LAN} -d 192.168.2.0/255.255.255.0 -j DROP
iptables -A FORWARD -i ${LAN} -s 192.168.2.0/255.255.255.0 -j ACCEPT
iptables -A FORWARD -i ${WAN} -d 192.168.2.0/255.255.255.0 -j ACCEPT
iptables -t nat -A POSTROUTING -o ${WAN} -j MASQUERADE