Hi everybody...
I have a Slackware client(kernel 2.6.3), and it can go through and iptables server and browse the internet nor make other tcp connection.
The curious thing is that machines that have windows as OS can go through without a problem.
this is the routing table of the linux client:
Destination Gateway Genmask Flags MSS Window irtt Iface
10.0.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 10.0.0.43 0.0.0.0 UG 0 0 0 eth0

this is the routing table of the windows client:
Rutas activas:M
Network Mask gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.43 10.0.1.111 20M
10.10.0.1 255.255.255.255 216.25.161.209 10.0.1.111 1M
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1M
10.0.0.0 255.255.0.0 10.0.1.111 10.0.1.111 20M
10.0.1.111 255.255.255.255 127.0.0.1 127.0.0.1 20M
10.0.0.255 255.255.255.255 10.0.1.111 10.0.1.111 20M
224.0.0.0 240.0.0.0 10.0.1.111 10.0.1.111 20M
255.255.255.255 255.255.255.255 10.0.1.111 10.0.1.111 1M
Puerta de enlace predeterminada: 10.0.0.43

Another curious thing is that sometimes, the linux client starts to work, but as soon I reboot it can not go through the iptables again.
any advice with this?
the /proc/sys/ip_conntrack says something about SYN_SENT and UNREPLIED....
thanks in advance.
regards,
-eduardo s.m.

your routing table seems ok. what is the nameserver for your linux client? type
"ping yahoo.com". can it find the ip of yahoo.com?

Well, I just can't ping any site 'cause my ISP had blocked the icmp ports.
I have 2 DNS, both from my ISP.
regards,
-eduardo s.m.

actually i didnt mean could u ping yahoo.com i asked this if your client can get the answers from nameserver. u have compiled costum kernel (2.6.3) right? check your kernel network configuration. u can try to ping local computers.

Yes, I can get the ip of yahoo using nslookup, also when I ping yahoo I get the ipaddress(despite I can't reach it).
and yes, I compiled a custom kernel(2.6.3), seems I have a rigth kernel network configuration I can ping and access everything normal in my local network...
Also, I have a redhat client who can't either go through the iptables, just windows clients....
As I told before, one weird think is the fact that several hours/days after I start-up my slackware client it begins to work, but as soon I reboot the machine all becomes screwed again...
any other hint would be appreciated..
regards,
-eduardo s.m.

have u tried slack standart kernel? i have two redhat 8.0 clients with costum kernels (2.6.4). my server (transparent proxy) is redhat 8.0 with standart kernel. other clients r win98, 2k and xp. i dont have any trouble like this...

check windowz (2k xp) clients if there r viruses. a friend of me had a trouble like that. all network seems ok. but sometimes noone of clients cant reach the internet. there was a virus. i cant remember the name of virus. maybe it was a variant of blast.

Maxut:
Yes, I already tried "standard" kernel both in slackware & redhat; in fact, that's why I was trying a custom kernel, because of this problem, I thougth maybe it was a kernel bug, but the custom kernel didn't fix this problem at all.

The Windows clients don't have any problem to go through iptables, they're pretty stable.
My post about the "weird" behaivor(client suddenly can't go through the iptables) is for the slackware client.

I think that the problem is in the network configuration of the slackware client, I don't understand why my win clients can access the internet but no my linux clients.

Everything seems to be ok, but how can you explain that suddenly after several hours the linux client suddenly can access the internet ?? :/ that's very frustating. ...

well, if you or someone else have any other clue or thing I can try I appreciate it...
thanks in advance..
regards,