[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

ipmasq problem

Jag jag forsoker satta upp ett litet natverk hemma med en maskin som
gateway till ett ADSL snore. Jag har fatt igang natverkskorten och
ADLS-scriptet ar pa plats, nu aterstar att fixa sa att mina andra
(Windows) karror far tillgang till natet.

Jag kan surfa med lynx fran linuxmaskinen men inte fran XP-maskinen pa
det lokala natverket. Jag kan telnetta och pinga gatewaymaskinen fran
XP-burken sa jag vet att jag har "kontakt". Nagon som har en ide om var
problemet sitter?

XP-maskinen ar konfigurerad med statisk ip: 192.168.1.111 och default
gateway 192.168.1.1 som ar linuxkarran pa det lokala natet.

ipmasq -v ger:

#: Interfaces found:
#:   eth0       217.208.37.123/255.255.255.0
#:   eth1       192.168.1.1/255.255.255.0
echo "0" > /proc/sys/net/ipv4/ip_forward
echo "0" > /proc/sys/net/ipv4/ip_always_defrag
/sbin/ipchains -P input DENY
/sbin/ipchains -P output DENY
/sbin/ipchains --no-warnings -P forward DENY
/sbin/ipchains -F input
/sbin/ipchains -F output
/sbin/ipchains --no-warnings -F forward
/sbin/ipchains -A input -j ACCEPT -i lo
/sbin/ipchains -A input -j DENY -i ! lo -s 127.0.0.1/255.0.0.0 -l
/sbin/ipchains -A input -j ACCEPT -i eth1 -d 255.255.255.255/32
/sbin/ipchains -A input -j ACCEPT -i eth1 -s 192.168.1.1/255.255.255.0
/sbin/ipchains -A input -j ACCEPT -i eth1 -d 224.0.0.0/4 -p ! tcp
/sbin/ipchains -A input -j DENY -i eth0 -s 192.168.1.1/255.255.255.0 -l
/sbin/ipchains -A input -j ACCEPT -i eth0 -d 255.255.255.255/32
/sbin/ipchains -A input -j ACCEPT -i eth0 -d 217.208.37.123/32
/sbin/ipchains -A input -j ACCEPT -i eth0 -d 217.208.37.255/32
/sbin/ipchains --no-warnings -A forward -j MASQ -i eth0 -s
192.168.1.1/255.255.255.0
/sbin/ipchains -A output -j ACCEPT -i lo
/sbin/ipchains -A output -j ACCEPT -i eth1 -d 192.168.1.1/255.255.255.0
/sbin/ipchains -A output -j ACCEPT -i eth1 -d 224.0.0.0/4 -p ! tcp
/sbin/ipchains -A output -j DENY -i eth0 -d 192.168.1.1/255.255.255.0 -l
/sbin/ipchains -A output -j ACCEPT -i eth0 -s 217.208.37.123/32
/sbin/ipchains -A output -j ACCEPT -i eth0 -s 217.208.37.255/32
echo "1" > /proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/ipv4/ip_always_defrag
/sbin/ipchains -M -S 7200 10 160
/sbin/ipchains -A input -j DENY -s 0.0.0.0/0 -d 0.0.0.0/0 -l
/sbin/ipchains -A output -j DENY -s 0.0.0.0/0 -d 0.0.0.0/0 -l
/sbin/ipchains -A forward -j DENY -s 0.0.0.0/0 -d 0.0.0.0/0 -l

Om mer konfig-info behovs sa...

M v h,
Mikael Bergman
Reply to: