Re: Setting up Masquerading on Debian machines.
Rob Browning writes:
> Is there any reason that msquerading wouldn't work right using the
> current (unstable) debian packages?
No! I've set up a firewall with it and it works fine.
> I set up the host (the one actually connected to the internet via ppp)
> with the following network related commands (in addition to a ppp
> defaultroute):
> ...
> ipfwadm -F -p deny
> ipfwadm -F -a accept -m -S 192.168.1.0/24 -D 0.0.0.0/0 -W eth0
I think you have to use the external device here. Please try with the check
option of ipfwadm.
> ifconfig eth0 192.168.1.2 netmask 255.255.255.0 broadcast 192.168.1.255
> route add -net 192.168.1.0 netmask 255.255.255.0
> route add default gw 192.168.1.1 metric 1
>
> This doesn't work. I can ping the host from the client, and the
> host can reach the internet via it's pppd defaultroute, but the client
> cannot reach the internet, so the host is not forwarding the
> masqueraded packets.
You could add a command after the above ones on the host to make it log the
denied packages:
ipfwadm -F -a deny -S 0.0.0.0/0 -D 0.0.0.0/0 -o
Michael
--
Michael Meskes, Projekt-Manager | meskes@topsytem.de, meskes@debian.org
topsystem Systemhaus GmbH | Tel: (+49) 2405/4670-44
Europark A2, Adenauerstr. 20 | Fax: (+49) 2405/4670-10
52146 Wuerselen | Go SF 49ers! Use Debian GNU/Linux!
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com
Reply to: