[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ipchains question

Eduardo Gargiulo wrote:

Hi all.

I have a linux box running ipchains and masquerading my inetrnal network.
I have subnet of real IP. The router is connected to the hub so the REAL subnet is before the firewall, so I can't protect it. I'm thinking in add an eth to the linux box and connect the router (with a cross UTP) to eth0, and connect eth1 (with real IP) and eth2 (with masqued IP) to the hub. The question is how configure ipchains and if it is possible to work or I have to add another tool to my linux box to handle this configuration?

Hi all,

My configuration is:

 |(xxx.xxx.xxx.129 ip)
  \(xxx.xxx.xxx.130 ip)
  LINUX-(xxx.xxx.xxx.132 ip)---------------------\
   |(                             |
   |                                             |(xxx.xxx.xxx.131 ip)
   |----( ip                          this host uses downstream
   |-----( ip)
   \------(192.168.1.n ip)

Linux has 3 interfaces
  eth0 xxx.xxx.xxx.130
  eth1 xxx.xxx.xxx.131

hosts in are masquaraded

  #ipchains -A forward -s -j MASQ

eth0 and eth1 are bridged

  #ipchains -A bridgein -s xxx.xxx.xxx.131 -i eth1 -j ACCEPT
  #ipchains -A bridgein -d xxx.xxx.xxx.131 -i eth1 -j ACCEPT
  bridgein chain comes from patch

default route set to xxx.xxx.xx.129

It should work just ok.
But it makes a booo ones for a while.

i thing it is doing something like that:
packets that should be masquaraded are bridged.
How to prevent from this.

Second Q:
  why normal forwarding wasn't working, why have i had to use a bridge


Reply to: