linux firewall, iptables forwarding problem
I am new to the linux, but I need to set up a simple firewall for the local network.
I have Ubuntu kernel 2.6 installed, two NIC cards with a one static IP address to internet, I am using bridge-utilities bridge two interfaces together. The bridge is up and fine.
Now I am really stock at this point.
I set default policy to DROP for Forward and enabled forwarding.
Then add rules like these:
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
the local computer can not access internet, but if I changed default FORWARD policy to ACCEPT,
the local computer then can access internet.
I really don't understand why, Please help!