Tim Evans wrote:
> On 01/04/2013 12:01 PM, Tim Evans wrote:
>> I'm replacing an ancient Solaris 'ipf' firewall/router with a brand new
>> CentOS 6.3 system. In the olden days, I successfully used the attached
>> iptables script (as /etc/rc.local) on Red Hat 5.x systems, but this
>> doesn't seem to be quite working on the new system.
>>
>> Specifically, while it seems to be routing ok, you cannot connect to
>> anything on the inside net (e.g., with ssh or a browser) and cannot
>> connect to the system with ssh or anything else from elsewhere on the
>> inside net. Yet arp shows this system active.
>>
>> Is there obsolete stuff here, and/or anything missing that would cause
>> this?
>
> Nevermind... Temporary IP address in the script was wrong; corrected
> and now working. Will be glad to see comments, though.

Glad you found that. As a followup, though, when I was running a RH system as a firewall router, I ran Bastille Linux on it first, and to the best of my knowledge, never had an intrusion on my home network in about 10 years. But then, I *also* had almost *nothing* on it: no xorg, no compilers....

mark