On 12 April 2013 15:51, Jim Rippon jim@rippon.me.uk wrote:
The NAT rule is correct, I wouldn't alter that.
What I would do is add a rule to the FORWARD chain in the filter table to allow this traffic, but drop anything else:
iptables -I FORWARD -i ppp0 -j ACCEPT
iptables -P FORWARD DROP
Just to let you know: Adding these lines broke forwarding. Specifically the second line (which makes sense).
I have checked and the VPN interface is ppp0. We're running without those two lines quite happily.
Any suggestions as to what went wrong?
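
Added example, not part of the original messages: a small Python model of how netfilter evaluates the FORWARD chain (first matching rule wins, otherwise the chain policy applies), run against the two commands quoted above to show which direction of traffic falls through to the DROP policy. The LAN interface name eth0, an otherwise empty FORWARD chain, and the sample packets are assumptions.

```python
# Minimal model of netfilter FORWARD-chain evaluation: rules are checked in
# order, the first matching rule decides, otherwise the chain policy applies.
# Interface name eth0 (the LAN side) and the sample packets are constructed.
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    in_if: str
    out_if: str
    ctstate: str  # "NEW" or "ESTABLISHED", as conntrack would classify it

@dataclass(frozen=True)
class Rule:
    target: str
    in_if: Optional[str] = None           # -i
    out_if: Optional[str] = None          # -o
    ctstates: Optional[frozenset] = None  # -m conntrack --ctstate

    def matches(self, p: Packet) -> bool:
        return ((self.in_if is None or self.in_if == p.in_if)
                and (self.out_if is None or self.out_if == p.out_if)
                and (self.ctstates is None or p.ctstate in self.ctstates))

def verdict(rules, policy, p):
    for r in rules:
        if r.matches(p):
            return r.target
    return policy

# The two commands from the thread: -I FORWARD -i ppp0 -j ACCEPT; -P FORWARD DROP
AS_POSTED = [Rule("ACCEPT", in_if="ppp0")]
# Same, plus a rule accepting reply traffic of tracked connections
# (iptables: -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT)
WITH_REPLIES = [Rule("ACCEPT", ctstates=frozenset({"ESTABLISHED", "RELATED"}))] + AS_POSTED

VPN_TO_LAN = Packet("ppp0", "eth0", "NEW")         # VPN client opens a connection
LAN_REPLY = Packet("eth0", "ppp0", "ESTABLISHED")  # LAN host answers it
LAN_TO_VPN = Packet("eth0", "ppp0", "NEW")         # LAN host initiates

def report(rules, policy="DROP"):
    return {name: verdict(rules, policy, pkt) for name, pkt in
            [("vpn_to_lan", VPN_TO_LAN), ("lan_reply", LAN_REPLY), ("lan_to_vpn", LAN_TO_VPN)]}

if __name__ == "__main__":
    print("as posted:    ", report(AS_POSTED))
    print("with replies: ", report(WITH_REPLIES))
    print("policy ACCEPT:", report([], policy="ACCEPT"))
```

In this model the rules as posted accept packets arriving on ppp0 but drop every packet forwarded in the other direction, including replies; on a live system `iptables -L FORWARD -v -n` shows the per-rule and policy packet counters for the same check.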