Hello,

I'm using iptables in order to allow internet sharing from computer X (connected to internet with Router at eth0) to computer Y connected with X with coross-X cable at eth1.

For this I use following script
The script works well but it has side effect - adds additional firewall level and I have to open ports in it in order to work normally.

I have firewall enabled in Modem/Router and it protects my home network from unaothorized access. However I don't want to enable internal firewall between X and Y... I want free access to all ports on X from Y. I don't want to open firewall for every internal system like Samba, NFS, XPDCM etc...

How do I disable firwall protection in iptables?

You make the firewall rules specific to the router interface eth0 so they don't effect eth1..
eg
/sbin/iptables -A INPUT -i eth0 -p udp --dport 4672 -j ACCEPT ## aMule UDP
/sbin/iptables -A INPUT -i eth0 -p tcp --dport 4662 -j ACCEPT ## aMule TCP
/sbin/iptables -A INPUT -i eth0 -p tcp --dport 21 -j ACCEPT ## FTP - Connection
/sbin/iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT ## SSH

/sbin/iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -A INPUT -i lo -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -j LOG --log-level 4 --log-prefix "ATTACK"
/sbin/iptables -A INPUT -i eth0 -j DROP

The last POSTROUTING rule is already being done by the previous POSTROUTING MASQUERADE rule, so is unnecessary.

Have a look at the tutorial at http://iptables-tutorial.frozentux.n...-tutorial.html

It works!!!

Thanks a lot