[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Setting up Masquerading on Debian machines.

Rob Browning writes:
> Is there any reason that msquerading wouldn't work right using the
> current (unstable) debian packages?

No! I've set up a firewall with it and it works fine.

> I set up the host (the one actually connected to the internet via ppp)
> with the following network related commands (in addition to a ppp
> defaultroute):
> ...
>   ipfwadm -F -p deny
>   ipfwadm -F -a accept -m -S -D -W eth0

I think you have to use the external device here. Please try with the check
option of ipfwadm.

>   ifconfig eth0 netmask broadcast
>   route add -net netmask
>   route add default gw metric 1
> This doesn't work.  I can ping the host from the client, and the
> host can reach the internet via it's pppd defaultroute, but the client
> cannot reach the internet, so the host is not forwarding the
> masqueraded packets.

You could add a command after the above ones on the host to make it log the
denied packages:
ipfwadm -F -a deny -S -D -o


Michael Meskes, Projekt-Manager      | meskes@topsytem.de, meskes@debian.org
topsystem Systemhaus GmbH            | Tel: (+49) 2405/4670-44
Europark A2, Adenauerstr. 20         | Fax: (+49) 2405/4670-10
52146 Wuerselen                      | Go SF 49ers! Use Debian GNU/Linux!

TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com

Reply to: