Hi,

Try do this (with kernel 2.4 and iptables):

#echo 1 > /proc/sys/net/ipv4/ip_forward

ps: you can install woody with kernel 2.4 using the option "bf24" in the
boot manager of the instalation CD.

Fernando Andrade

Em Qua, 2005-01-05 às 05:58, Pierre A. Damas escreveu:
> Hello,
> 
> I am fairly new to debian and firewalls, although I can read documentation 
> ;-)
> I want to reuse an old machine to serve as firewall/proxy between two 
> subnets (with Windows machines) (192.168.1.0 (internal) and 192.168.254.0 
> (dmz))
> 
> In the dmz, the router acts as additional firewall for access to my ISP 
> (gateway: 192.168.254.1)
> 
> I installed my old Pentium-MMX 200 65Mb RAM, two network adapters (ne and 
> 8139too).
> Prerequisite: I don't want to compile my kernel myself (insmod should be 
> sufficient), certainly not on that machine (which is my only linux).
> I understood that ipfwadm is used for kernel 2.0, ipchains for 2.2 and 
> iptables for 2.4+.
> 
> Since I installed the woody distribution, I am the happy owner of a kernel 
> 2.2.
> 
> In that config, the network works fine (from the server, I can ping the two 
> subnets and access Internet).  I installed squid and everything is ok.
> 
> I would like to use ipchains, but it is "not supported in this Kernel", so I 
> searched everywhere to find an ipchains.o module to insmod for 2.2 (I found 
> for 2.4).  In which package would it be ?
> 
> ...
> 
> As an alternative, I installed the kernel 2.4.  There, iptables is correctly 
> configured, with ACCEPT policies by default.  But in this config, the 
> network doesn't work.  I checked with ifconfig, and ensured that eth0 and 
> eth1 are up (and it is the case), but I cannot ping any other machine than 
> the server itself on both subnets, and of course cannot access internet.
> 
> Iptables seems to be out of cause, since if I halt it, my ping requests are 
> correctly rejected with a message, instead of "hanging"...
> 
> For the rest, the network config is exactly the same as the one defined for 
> kernel 2.2.  But maybe there are changes in the network between these two 
> versions ?
> 
> So, my two questions:
> 
> a) where is ipchains.o for the kernel 2.2 ?
> and/or
> b) what component, installed by default in the kernel-image-2.4.16-586, 
> could be the cause of my network blockage ?
> 
> I invested more than 20 hours to read all google mailing-lists information, 
> firewall how-tos, etc., so a view on the problem by a fresh mind would be 
> appreciated...
> 
> Thanks,
> Pierre A.
> 
> _________________________________________________________________
> Do you have your own space? http://spaces.msn.com
>

Reply to:

Follow-Ups:
- Re: no ipchains with 2.2/no network with 2.4
  - From: "Pierre A. Damas" <pierredamas@hotmail.com>

References:
- no ipchains with 2.2/no network with 2.4
  - From: "Pierre A. Damas" <pierredamas@hotmail.com>

Prev by Date: Re: no ipchains with 2.2/no network with 2.4
Next by Date: Re: no ipchains with 2.2/no network with 2.4
Previous by thread: no ipchains with 2.2/no network with 2.4
Next by thread: Re: no ipchains with 2.2/no network with 2.4
Index(es):
- Date
- Thread

Re: no ipchains with 2.2/no network with 2.4