
April 2, 2011

Linux firewall, iptables forwarding problem


I am new to Linux, but I need to set up a simple firewall for the local network.
I have Ubuntu kernel 2.6 installed and two NIC cards with one static IP address to the internet. I am using bridge-utilities to bridge the two interfaces together. The bridge is up and fine.
Now I am really stuck at this point.
I set the default policy to DROP for FORWARD and enabled forwarding.
Then I added rules like these:
iptables -P INPUT DROP
iptables -P FORWARD DROP

iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT

The local computer cannot access the internet, but if I change the default FORWARD policy to ACCEPT,
the local computer can then access the internet.
I really don't understand why. Please help!
