[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Setup of Gateway/Firewall

Hello everyone,

Jason McCarty wrote:

> Try doing 'modprobe ipt_MASQUERADE' before the iptables step. The
> Masquerading-Simple-HOWTO on http://www.tldp.org is a good start to
> making an iptables firewall, along with the IP-Masquerade-HOWTO.
Jamin W. Collins wrote:

> You don't indicate what kernel version you are using.  Are you using a
> 2.4.x kernel?

OK, I have completely reinstalled woody on my gateway/firewall to try
and get it right this time.  The steps I've been through are:-

1. Install bf24 woody, i.e. with a 2.4 kernel, and no added packages;

2. eth0 (connected to the cable modem) is set-up by dhcp;

3. eth1 (internal) manually added to ifconfig;

4. added scripts which run the following commands in run level 2...

modprobe ipt_MASQUERADE
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE

5. I can ping eth0 and eth1 from the internal Win98 machine.

6. I can ping the internet from the gateway.

7. I can't ping the internet from the Win98 machine.

8. iptables --list shows ACCEPT policies for the input, output and
forward chains

9. lsmod gives the following (I have omitted everything except the
Module names):-

Module		Size		Used by		Not tainted


I can't access the internet from the Win98 machine connected to the
gateway and can't see what other steps I need to go through.  I am
likely to pull the remainder of my hair out if I can't get this working
in the near future.

What I want to do initially is have ACCEPT policies on all chains so I
know the set-up is working.  Then I will set-up some rules to protect my

Can anyone help?



Reply to: