Thread: linux firewall, iptables forwarding problem

    I am new to Linux, but I need to set up a simple firewall for the local network.
    I have Ubuntu kernel 2.6 installed and two NIC cards with one static IP address to the internet. I am using bridge-utilities to bridge the two interfaces together. The bridge is up and fine.
    Now I am really stuck at this point.
    I set the default policy to DROP for FORWARD and enabled forwarding.
    Then I added rules like these:
    iptables -P INPUT DROP
    iptables -P FORWARD DROP
    iptables -P OUTPUT ACCEPT

    iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT

    The local computer cannot access the internet, but if I change the default FORWARD policy to ACCEPT,
    the local computer can then access the internet.
    I really don't understand why. Please help!

    cat /proc/sys/net/ipv4/ip_forward

    and post the output results so I can see them.

