Try changing: ipchains -A forward -j MASQ -s 10.0.0.0/99 -d 0.0.0.0/0 to ipchains -A forward -j MASQ -s 10.0.0.0/8 -d 0.0.0.0/0 Make sure your internal ip's on your network are 10.x.x.x addresses, otherwise you need to modify the -s option. ipchains shouldn't even take 99 as an option as you can only have a maximum of /32 there. This is the netmask in CIDR format. Jay > -----Original Message----- > From: Shawn [mailto:fertch at mninter.net] > Sent: Saturday, March 24, 2001 6:12 PM > To: tclug > Subject: [TCLUG] IP Chains > > > Need some help on this if possible please. I'm trying to get > my machine > with the ISDN connection to allow the other machines on the network > out. From what I've gathered, I need to put the following lines in my > rc.local file: > > ipchains -P forward DENY > ipchains -A forward -j MASQ -s 10.0.0.0/99 -d 0.0.0.0/0 > > I also have ALL:ALL in my hosts.deny file for blocking connections, > though I'm assuming that shouldn't stop the routing (I hope). > > From my understanding on the second ipchains line, the first series of > ip addresses are the local ip range of the LAN while the second is the > generic outgoing? The document I was referencing was showing a > different internal IP address with /24 at the end. I was > assuming that > the /24 was the highest number in the last octet. > > I can connect and browse the web with the machine that is connected to > the web, but I can't seem to connect any other machine to the web. I > can ping the gateway machine and the ip of the gateway is in all > machines as well. I'm not running DNS, but I do have the machines > listed in my /etc/hosts file. > > > Anything I'm overlooking or misconfiguring? > > Shawn > > > > > _______________________________________________ > tclug-list mailing list > tclug-list at mn-linux.org > https://mailman.mn-linux.org/mailman/listinfo/tclug-list >