Re: Debian router with iptables problem

To: ISPM <ispmarin@gmail.com>
Cc: debian-firewall@lists.debian.org
Subject: Re: Debian router with iptables problem
From: "paulobruck1@bol.com.br" <paulobruck1@bol.com.br>
Date: Fri, 17 Sep 2004 13:36:12 -0300
Message-id: <[🔎] 1095438972.2885.22.camel@pauloric.intranet>
In-reply-to: <[🔎] 751c63ee040917074727020a65@mail.gmail.com>
References: <[🔎] 751c63ee040917074727020a65@mail.gmail.com>

Em Sex, 2004-09-17 às 11:47, ISPM escreveu:
> Hello all. I've been struggling to put together an alpha 164sx like a
> router to my lab using debian hardened. I have a internal network that
> have to acess the external world, and should be routed to the exterior
> by the alpha. The alpha should route then to the gateway of my
> building, a machine that i don't have acess. The debian have to
> network cards, one in the internal net and the other in the external
> (gateway) network. This is something like that:
> 
> 
>                                                    |-----(lab computers)
> (net)--(gateway)-------(alpha router)--|
>                                                    |-----(https server)
>  
> The alpha should work like a firewall and a router. I've been trying
> to assemble by myself using iptables. The alpha cannot have X, so
> programs like firebuilder or firestarter can't be used.
> The debian is a sarge instalation with the 2.4.26-1-generic kernel
> from the netistaller, with most packages downgraded to stable and
> hardened using harden. There is plenty scripts in the internet, but
> none elucidated two things: how to use nat to route internal traffic
> to external world and vice versa 
see http://iptables-tutorial.frozentux.net/ ( an excellent tutorial)

> , so the internal network can use the
> net and some services (ssh), and how to make the route to the gateway
> works (this is the hardest part for me).

the easiest part...80)
ip_forward = 1 or at /etc/network/options
ip_forward=no  to ip_forward=yes
and of course deal w/ /etc/network/interfaces ( line w/gateway=)


>  Just some help would be
> appreciated! I don't want to bother you all to give me the scripts.

Hi Ivan

take a look at:

- http://netfilter.org
- http://iptables-tutorial.frozentux.net/ ( an excellent tutorial)
- man interfaces
- http://linux-ip.net/ (The Guide to IP Layer Network Administration
with Linux) excellent material


best regards


> 
> Very very thanks!
> -----------------------------------------------------------
> Ivan S. P. Marin
> Laboratório de Física Computacional
> Computacional Physics Laboratory
> lfc.ifsc.usp.br
> Instituto de Física de São Carlos - USP
> ----------------------------------------------------------
-- 
Paulo Ricardo Bruck - consultor
Contato Global Solutions
tel 011 5031-4932  fone/fax 011 5034-1732  cel 011 9235-4327

Reply to:

Follow-Ups:
- Re: Debian router with iptables problem
  - From: ISPM <ispmarin@gmail.com>

References:
- Debian router with iptables problem
  - From: ISPM <ispmarin@gmail.com>

Prev by Date: Re: Debian router with iptables problem
Next by Date: Re: Debian router with iptables problem
Previous by thread: Re: Debian router with iptables problem
Next by thread: Re: Debian router with iptables problem
Index(es):
- Date
- Thread