Re: ipchains, one step farther
On Wed, 18 Jun 2003 10:14 pm, Jule Slootbeek wrote:
> I'm running 2.2.20 which came with Debian 3.0r1.
> I just find it strange, because every HOWTO i read tells me it's easy to
> do, and here's i'm trying to figure it out for 4 days.
> I don't really know what's wrong maybe i should switch to a distribution
> that runs 2.4.x by default, and use iptables, anybody know of any? Does Sid
> run 2.4.x off the bat?
Well, firstly, there is an experimental version of the install disks that will
install Woody with a 2.4 kernel, you might want to look at this first.
Secondly, I'm not sure, but I think the upgrade process from 2.2 to 2.4 on
debian isn't too painful anyway, so that's where I'd start .. if you want to
go to 2.4.
That said, 2.2 will do masquerading, it's just a matter of making it do it.
The other package I mentioned is called ipmasqadm, however after a quick look
through the HOWTOs it's apparent that it's probably only required for port
forwarding and so forth.
Given the network config you stated in earlier emails :
# ipchains -A forward -s 192.168.0.0/24 -j MASQ
should be all you need. Don't forget to enable forwarding in the kernel too:
# echo "1" > /proc/sys/net/ipv4/ip_forward
I'd also start by leaving your policies as ACCEPT rather than DENY in all
chains, rather than start restrictive and try to bust a hole through when
you're not quite sure what you're doing.
t
--
GPG : http://n12turbo.com/tarragon/public.key
Reply to: