Re: i need some basic help...
Quick an dirty, use firestarter to create your
firewall. Warning!!, firestarter has a few bugs, but I
did not see anything serious.
-tim.
--- Talon <megglestone@heritage.sd57.bc.ca> wrote:
> Quoting Federico Lazcano <flazcano@hardtec.com.ar>:
>
> > Hi, I have a problem with my linux box.
> > Packets from the internal networks doesn't flow
> through the external if.
> > I had double checked everything, but it still
> doesn't work. I'm going
> > slightly mad.
> >
> > INTIF="eth0"
> > INTNET="10.0.0.0/24"
> > EXTNET="192.168.10.0/24"
> > EXTIF="eth1"
> >
> > [ Windoz ]10.0.0.10-----------10.0.0.1[ Linux
> > ]192.168.10.222-------------192.168.10.1[ Internet
> ]
> >
> > Routing table, I think it's OK
> >
> > iguard:/home/radmin# route -n
> > Kernel IP routing table
> > Destination Gateway Genmask
> Flags Metric Ref Use
> > Iface
> > 192.168.10.0 0.0.0.0 255.255.255.0 U
> 0 0 0
> > eth1
> > 10.0.0.0 0.0.0.0 255.0.0.0 U
> 0 0 0
> > eth0
> > 0.0.0.0 192.168.10.1 0.0.0.0 UG
> 0 0 0
> > eth1
>
> > it's not the obvious thing
> > echo "1" > /proc/sys/net/ipv4/ip_forward
> >
> > my firewall is wide open
> >
> > Chain INPUT (policy ACCEPT)
> > target prot opt source
> destination
> >
> > Chain FORWARD (policy ACCEPT)
> > target prot opt source
> destination
> >
> > Chain OUTPUT (policy ACCEPT)
> > target prot opt source
> destination
>
> I wonder if you need ipmasq installed?
> If your running kernel 2.4 you should check your nat
> table.
> Otherwise if your running kernel 2.2, your above
> statement
> doesn't show masq at all.
>
> # apt-get install ipmasq
>
> Cheers,
> Mike
>
>
>
>
>
> -------------------------------------------------
> This mail sent through IMP: http://horde.org/imp/
>
>
> --
> To UNSUBSCRIBE, email to
> debian-firewall-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
>
__________________________________
Do you Yahoo!?
The New Yahoo! Search - Faster. Easier. Bingo.
http://search.yahoo.com
Reply to: