Re: Debian router with iptables problem
Em Sex, 2004-09-17 às 11:47, ISPM escreveu:
> Hello all. I've been struggling to put together an alpha 164sx like a
> router to my lab using debian hardened. I have a internal network that
> have to acess the external world, and should be routed to the exterior
> by the alpha. The alpha should route then to the gateway of my
> building, a machine that i don't have acess. The debian have to
> network cards, one in the internal net and the other in the external
> (gateway) network. This is something like that:
>
>
> |-----(lab computers)
> (net)--(gateway)-------(alpha router)--|
> |-----(https server)
>
> The alpha should work like a firewall and a router. I've been trying
> to assemble by myself using iptables. The alpha cannot have X, so
> programs like firebuilder or firestarter can't be used.
> The debian is a sarge instalation with the 2.4.26-1-generic kernel
> from the netistaller, with most packages downgraded to stable and
> hardened using harden. There is plenty scripts in the internet, but
> none elucidated two things: how to use nat to route internal traffic
> to external world and vice versa
see http://iptables-tutorial.frozentux.net/ ( an excellent tutorial)
> , so the internal network can use the
> net and some services (ssh), and how to make the route to the gateway
> works (this is the hardest part for me).
the easiest part...80)
ip_forward = 1 or at /etc/network/options
ip_forward=no to ip_forward=yes
and of course deal w/ /etc/network/interfaces ( line w/gateway=)
> Just some help would be
> appreciated! I don't want to bother you all to give me the scripts.
Hi Ivan
take a look at:
- http://netfilter.org
- http://iptables-tutorial.frozentux.net/ ( an excellent tutorial)
- man interfaces
- http://linux-ip.net/ (The Guide to IP Layer Network Administration
with Linux) excellent material
best regards
>
> Very very thanks!
> -----------------------------------------------------------
> Ivan S. P. Marin
> Laboratório de Física Computacional
> Computacional Physics Laboratory
> lfc.ifsc.usp.br
> Instituto de Física de São Carlos - USP
> ----------------------------------------------------------
--
Paulo Ricardo Bruck - consultor
Contato Global Solutions
tel 011 5031-4932 fone/fax 011 5034-1732 cel 011 9235-4327
Reply to: