Serge Matovic wrote:
Alexandru !!! THANK YOU/THANK YOU/THANK YOU !!!!
I typed in your line (at the end of all of my commands
to setup the bridge and router) and it WORKS !!!
Now, I must find out what your line did to enable
those sites that failed to load before, to load now.
Most of the time, this means you don't allow the
icmp-fragmentation-needed-but-df-bit-is set packets in. If you don't
have these rules
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
right on the top of your ruleset, that is your problem.
/me goes to bed, wondering how many bad recipes for iptables are on the
net. You're only the third this month....
Post the output of iptables-save so we can examine your ruleset please.
HTH,
M4
|