Re: ipmasq ipchains; newbie question
On Thu, Jul 19, 2001 at 07:07:12PM -0500, Robert Matijasec wrote:
> I am using Debian 2.2 (potato) with ipchains 1.3.9
Yep. Join the club.
> I can ping other computers on my network when ipmasq is
> disabled. But when it's on I get an operation not permitted
> message when I try to ping another machine. So as someone
> hinted before, this is probably something wrong with
> my firewall rules.
I do not understand you. Which machine runs ipmasq? What are the source
and destination of the ping?
> First of all do I need to recompile kernel to get masq
> to work w/my version of Debian ?
As long as you use the default kernel, no. It works as is.
> I followed config file for 2.2.x kernels in the masq
> HOWTO, but I must not be doing something right.
> in any case this is what ipchains -L gives me :
> target prot opt source destination ports
> ACCEPT udp ------ anywhere anywhere bootps -> bootpc
??? Does this allow a reply from bootpc -> bootps?
Mine has both.
ACCEPT udp ------ anywhere anywhere any -> bootpc
ACCEPT udp ----l- myhost.domain.com anywhere bootpc -> any
> Chain forward (policy DENY):
> target prot opt source destination ports
> MASQ all ------ 192.168.0.0/24 anywhere n/a
> Chain output (policy DENY):
> I am connecting to my provider with dhcpcd, and that
> works as well when ipmasq is not engaged.
Did you check examples in /usr/share/doc/ipmasq?
> I noticed that some docs use 192.168.0.* for class C
> networked machines while the masq pages use
> 192.168.1.* for machines on the network, does this
> matter at all ?
Whichever works, as long as you assign them consistently.
Check /etc/network/interfaces
Osamu
--
~\^o^/~~~ ~\^.^/~~~ ~\^*^/~~~ ~\^_^/~~~ ~\^+^/~~~ ~\^:^/~~~ ~\^v^/~~~
+ Osamu Aoki <debian@aokiconsulting.com>, GnuPG-key: 1024D/D5DE453D +
+ My debian quick-reference, http://www.aokiconsulting.com/quick/ +
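
Added example, not part of the original message or of the ipmasq package: a small Python check of the bootpc/bootps point raised in the reply, evaluating an `ipchains -L` listing with first-match semantics and falling back to the chain's default policy. The two sample listings are constructed from rule lines in the thread; which chain each rule belongs to is an assumption, and address, interface and option matching is ignored.

```python
import re

# Constructed samples: rule lines are copied from the thread; the chain each
# rule sits in is an assumption, because the quoted listing is trimmed.
QUOTED = """\
Chain input (policy DENY):
target prot opt source destination ports
ACCEPT udp ------ anywhere anywhere bootps -> bootpc
Chain forward (policy DENY):
MASQ all ------ 192.168.0.0/24 anywhere n/a
Chain output (policy DENY):
"""
REPLY = """\
Chain input (policy DENY):
ACCEPT udp ------ anywhere anywhere any -> bootpc
Chain forward (policy DENY):
MASQ all ------ 192.168.0.0/24 anywhere n/a
Chain output (policy DENY):
ACCEPT udp ----l- myhost.domain.com anywhere bootpc -> any
"""

def parse(listing):
    """Return {chain: (policy, [(target, proto, sport, dport), ...])}."""
    chains, name = {}, None
    for line in listing.splitlines():
        m = re.match(r"Chain (\S+) \(policy (\w+)", line)
        if m:
            name = m.group(1)
            chains[name] = (m.group(2), [])
            continue
        f = line.split()  # target prot opt source destination ports...
        if name is None or len(f) < 6 or f[0] == "target":
            continue
        sport, dport = (f[5], f[7]) if "->" in f else ("any", "any")
        chains[name][1].append((f[0], f[1], sport, dport))
    return chains

def verdict(chains, chain, proto, sport, dport):
    """First matching rule wins, else the chain policy (addresses ignored)."""
    policy, rules = chains[chain]
    for target, rproto, rs, rd in rules:
        if rproto in ("all", proto) and rs in ("any", sport) and rd in ("any", dport):
            return target
    return policy

def dhcp_client_ok(listing):
    """True when both directions of a DHCP client exchange are accepted."""
    c = parse(listing)
    return (verdict(c, "input", "udp", "bootps", "bootpc") == "ACCEPT"
            and verdict(c, "output", "udp", "bootpc", "bootps") == "ACCEPT")
```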