Ip_forward trouble
Greetings all. I am trying to build a firewall, and I am running into a
little trouble, hope you can help.
What for:
This firewall is to divide a section of my LAN from the other computers.
The external addresses are in the 192.168... range, the internal will be in
the 10.0... range.
What I have:
Pentium base with 2 3c509's. Most basic Potato install (no x, no dev, no
nothing).
What's wrong:
The problem I continue to encounter is that the firewall will not allow
traffic to flow through. Here are the steps I have taken.
After initial install, I set up the second NIC in /etc/network/interfaces by
adding address, netmask, etc. I then restarted the network
(/etc/init.d/networking restart), with no errors. I then changed the
ipforward flag in /etc/network/options from no to yes, and restarted the network
again. To make sure it worked I checked (more
/proc/sys/net/ipv4/ip_forward) with a return of 1.
At this point, the primary NIC is connected to external network, working
(tested with ping), but a test box (win 2k, setup with firewall as gateway)
on the 2nd internal NIC cannot ping the firewall and cannot be pinged by
the firewall.
I tried flushing the ip_chains rules and making INPUT, OUTPUT and FORWARD all
ACCEPT and nothing else, no luck.
I tried installing ipmasq (which I want to use once things are working
anyway) but also no luck.
Does anyone have any suggestions?
Thanks,
-Tom