[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Setting up Masquerading on Debian machines.



Rob Browning writes:
> Is there any reason that msquerading wouldn't work right using the
> current (unstable) debian packages?

No! I've set up a firewall with it and it works fine.

> I set up the host (the one actually connected to the internet via ppp)
> with the following network related commands (in addition to a ppp
> defaultroute):
> ...
>   ipfwadm -F -p deny
>   ipfwadm -F -a accept -m -S 192.168.1.0/24 -D 0.0.0.0/0 -W eth0

I think you have to use the external device here. Please try with the check
option of ipfwadm.

>   ifconfig eth0 192.168.1.2 netmask 255.255.255.0 broadcast 192.168.1.255
>   route add -net 192.168.1.0 netmask 255.255.255.0
>   route add default gw 192.168.1.1 metric 1
> 
> This doesn't work.  I can ping the host from the client, and the
> host can reach the internet via it's pppd defaultroute, but the client
> cannot reach the internet, so the host is not forwarding the
> masqueraded packets.

You could add a command after the above ones on the host to make it log the
denied packages:
 
ipfwadm -F -a deny -S 0.0.0.0/0 -D 0.0.0.0/0 -o

Michael

-- 
Michael Meskes, Projekt-Manager      | meskes@topsytem.de, meskes@debian.org
topsystem Systemhaus GmbH            | Tel: (+49) 2405/4670-44
Europark A2, Adenauerstr. 20         | Fax: (+49) 2405/4670-10
52146 Wuerselen                      | Go SF 49ers! Use Debian GNU/Linux!


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com


Reply to: