[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Setup of Gateway/Firewall

Last weekend I turned an old 486 with 2 NICs into a simple gateway for
my cable modem connection.  I did a basic installation from bf24 rescue
and root floppys and just installed the default packages with dselect. 
I know this has included a few things which I can almost certainly do
without like 'lynx' and 'mutt' so I will get around to removing them

I added the necessary entries to configure eth1 (the internal NIC) and
could ping both eth0 and eth1 from a Win98 machine connected to eth1
with a crossover.  I could ping the outside world from the debian box
but not from the Win98 machine.

I tried entering the following commands manually as root to get the
debian box to forward packets:-

echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE

But the last line generated an error message which I think was to do
with the MASQUERADE part.

Then I reviewed the packages available and decided to install 'ipmasq'. 
After a reboot I could ping the outside world and access the internet
from the Win98 machine with no problems.  I *was* planning to keep
'ipmasq' installed and add iptables rules.

However, I have just re-read some of the messages from this list which I
filed for future reference.  I get the impression that I shouldn't need
'ipmasq' and can achieve the same with iptables.  Is that correct?  If
so, does anyone have a small iptables script which I can use to
reproduce the functionality I have at present or point out what I have
done wrong?



Reply to: