masquerading (NAT) firewall with firewall-easy
If anyone has managed to set up a masquerading firewall with
firewall-easy, could they please tell me how they did it?
Or recommend an alternative package for the same purpose?
The only configuration change I've made to firewall-easy.conf is to
add LOCALNET_IFACES=eth1 and ADSL_IFACES=eth0. From reading the config
files and the man pages I can't see what else would be required.
The output of "iptables -n -L" and "firewall-easy debug" looks correct
to me, though there's a lot of it and I might have overlooked
Everything else is working apart from masquerading, obviously: I have
ssh from the server to the client, http from the client to the server,
and http from the server to the Internet. Now I would like http from
the client to the Internet to work, and maybe some other services.
I have tried studying the Linux iptables HOWTO and the Linux IP
Masquerade HOWTO. Sadly, I was unable to get the low-level
instructions in the latter document to work, either.
It's a standard Debian kernel, 2.4.26. I did "dpkg --purge ipmasq" in
case it interferes. (I used to have masquerading that worked using the
package ipmasq, with PPP and an older kernel.)