OK, so I found out I don't know much about TCP/IP and firewalls. But I couldn't find any documents on the internet on this topic (maybe I was searching wrong... I don't know).

So I was hoping you guys would help. I found out the problem with my first setup: I was blocking all the local ports (ports > 1024). So, that meant I couldn't make a successful TCP connection with any service.

I read something about the -y flag with ipchains in a few documents, but none of them clearly explained what it does. I was basically shooting in the dark with trial and error with the -y flag everywhere. Here's my current config:

(Input)
target prot opt source dest ports
ACCEPT tcp -y---- 0.0.0.0/0 192.168.2.196 * -> 25
ACCEPT tcp -y---- 192.168.2.0/24 192.168.2.196 * -> 110
ACCEPT icmp ------ 0.0.0.0/0 0.0.0.0/0 * -> *
DENY tcp ------ 0.0.0.0/0 0.0.0.0/0 * -> *
DENY udp ------ 0.0.0.0/0 0.0.0.0/0 * -> *

Forward (policy accept)

Output:
ACCEPT tcp -y---- 192.168.2.196 0/0 20 -> *
ACCEPT tcp -y--- 192.168.2.196 0/0 * -> 53
ACCEPT udp -y--- 192.168.2.196 0/0 * -> 53
ACCEPT tcp -y---- 192.168.2.196 0.0.0.0/0 * -> 25
DENY tcp ------ 0.0.0.0/0 0.0.0.0/0 * -> *
DENY udp ------ 0.0.0.0/0 0.0.0.0/0 * -> *


I know something is wrong, but what?? Could someone explain what the -y flag is and how to use it??

Thanks
-Mike
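
How the Input chain listed above treats an inbound SMTP connection, as an added example that is not part of the original post: ipchains' -y option matches only TCP packets with SYN set and ACK and FIN cleared, and this Python model evaluates the posted rules first-match. The client address 203.0.113.5, the packet sequence and the chain policy of ACCEPT are assumptions constructed for the example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass
class Packet:
    proto: str
    src: str
    dst: str
    dport: int
    syn: bool = False
    ack: bool = False
    fin: bool = False

# Input chain transcribed from the post: (target, proto, -y set?, source, dest, dest port)
INPUT_CHAIN = [
    ("ACCEPT", "tcp", True, "0.0.0.0/0", "192.168.2.196/32", 25),
    ("ACCEPT", "tcp", True, "192.168.2.0/24", "192.168.2.196/32", 110),
    ("ACCEPT", "icmp", False, "0.0.0.0/0", "0.0.0.0/0", None),
    ("DENY", "tcp", False, "0.0.0.0/0", "0.0.0.0/0", None),
    ("DENY", "udp", False, "0.0.0.0/0", "0.0.0.0/0", None),
]

def matches_y(pkt):
    # -y matches only connection-opening TCP packets: SYN set, ACK and FIN clear.
    return pkt.proto == "tcp" and pkt.syn and not pkt.ack and not pkt.fin

def verdict(pkt, chain=INPUT_CHAIN, policy="ACCEPT"):
    # First matching rule wins; the chain policy (assumed ACCEPT) applies if none match.
    for target, proto, syn_only, src, dst, dport in chain:
        if (proto == pkt.proto
                and (not syn_only or matches_y(pkt))
                and ip_address(pkt.src) in ip_network(src)
                and ip_address(pkt.dst) in ip_network(dst)
                and dport in (None, pkt.dport)):
            return target
    return policy

# Constructed traffic: an outside client (203.0.113.5) opening SMTP to the host.
CLIENT, HOST = "203.0.113.5", "192.168.2.196"
SMTP_IN = [
    Packet("tcp", CLIENT, HOST, 25, syn=True),  # client SYN
    Packet("tcp", CLIENT, HOST, 25, ack=True),  # client ACK completing the handshake
    Packet("tcp", CLIENT, HOST, 25, ack=True),  # client data segment
]

def smtp_verdicts(chain=INPUT_CHAIN):
    return [verdict(p, chain) for p in SMTP_IN]

if __name__ == "__main__":
    print(smtp_verdicts())
```

Only the opening SYN matches the -y rule; every later packet of the same connection carries ACK without a bare SYN and reaches the DENY tcp rule.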