Re: Setup of Gateway/Firewall
Hello everyone,
Jason McCarty wrote:
> Try doing 'modprobe ipt_MASQUERADE' before the iptables step. The
> Masquerading-Simple-HOWTO on http://www.tldp.org is a good start to
> making an iptables firewall, along with the IP-Masquerade-HOWTO.
>
Jamin W. Collins wrote:
> You don't indicate what kernel version you are using. Are you using a
> 2.4.x kernel?
OK, I have completely reinstalled woody on my gateway/firewall to try
and get it right this time. The steps I've been through are:-
1. Install bf24 woody, i.e. with a 2.4 kernel, and no added packages;
2. eth0 (connected to the cable modem) is set-up by dhcp;
3. eth1 (internal) manually added to ifconfig;
4. added scripts which run the following commands in run level 2...
modprobe ipt_MASQUERADE
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
5. I can ping eth0 and eth1 from the internal Win98 machine.
6. I can ping the internet from the gateway.
7. I can't ping the internet from the Win98 machine.
8. iptables --list shows ACCEPT policies for the input, output and
forward chains
9. lsmod gives the following (I have omitted everything except the
Module names):-
Module Size Used by Not tainted
iptable_filter
ipt_MASQUERADE
iptable_nat
ip_conntrack
ip_tables
3c509
isa-pnp
I can't access the internet from the Win98 machine connected to the
gateway and can't see what other steps I need to go through. I am
likely to pull the remainder of my hair out if I can't get this working
in the near future.
What I want to do initially is have ACCEPT policies on all chains so I
know the set-up is working. Then I will set-up some rules to protect my
network.
Can anyone help?
TIA
Mike
Reply to: