Re: Firewall to two networks

To: Debian-firewall@lists.debian.org
Subject: Re: Firewall to two networks
From: "Vince Mulhollon" <vlm@norlight.com>
Date: Thu, 22 Aug 2002 12:01:29 -0500
Message-id: <[🔎] OFC3765D99.9FB77DAA-ON86256C1D.005BBA20@norlight.com>

On 08/22/2002 11:35:53 AM "Chris Evans" wrote:

>> c) if so, and given that ISP won't route packets from private
>> addresses I'm sure, how do I get iptables to rewrite the passing on
>> of the packages.

I have not done this exact config with two internal networks, but something
close to:

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

And don't forget an 'echo 1 > /proc/sys/net/ipv4/ip_forward

I hear that getting two internal networks to talk to each other via a MASQ
firewall is an interesting task.

>> # /etc/network/interfaces -- configuration file for ifup(8),
>> #auto eth1
>> #iface eth1 inet static
>> #  address 192.168.1.1
>> #  netmask 255.255.255.0
>> #  network 192.168.1.0
>> #  broadcast 192.168.1.255
>> #  gateway 217.34.100.197

Why comment these guys out  (#)?  How do they get configured?
Don't think you need that gateway entry for the internal interfaces because
your machine IS the gateway.

Here's the important part:
Post your /sbin/route -n from the firewall itself.
Also post your ifconfig from the firewall.

Reply to:

Follow-Ups:
- Re: Firewall to two networks
  - From: "Chris Evans" <chris1@psyctc.org>
- Re: Firewall to two networks
  - From: "Chris Evans" <chris@psyctc.org>

Prev by Date: Firewall to two networks
Next by Date: Re: Firewall to two networks
Previous by thread: Firewall to two networks
Next by thread: Re: Firewall to two networks
Index(es):
- Date
- Thread