Re: ipchains/ip_masq problems
In article <[🔎] 19981207201602.A20406@teleute.ml.org> Steve Lamb wrote:
> On Mon, Dec 07, 1998 at 11:10:28PM -0500, wax_man@bellsouth.net wrote:
> >
> > Any ideas on what I have not done properly?
>
> Trying to do it yourself... ;)
>
> ipmasq - Initializes IP Masquerade firewalling/forwarding
>
> This package contains scripts to initialize IP Masquerade, a feature of
> Linux that allows an entire network of computers to be connected to another
> network (usually the Internet) with only one network address on the other
> network. IP Masquerade is often referred to as NAT (Network Address
> Translation) on other platforms.
>
> The package by default configures the system for a basic forwarding
> firewall, with IP spoofing and stuffed routing protection. However, ipmasq
> now features a very flexible framework whereby you can override any of the
> predefined rules if you so choose. It also allows you to control if the
> rules are reinterpreted when pppd brings a link up or down.
>
> IP Masquerade requires the kernel to be compiled with CONFIG_FIREWALL,
> CONFIG_IP_FIREWALL, CONFIG_IP_FORWARD, and CONFIG_IP_MASQUERADE.
>
>
> --
> Steve C. Lamb | Opinions expressed by me are not my
> http://www.calweb.com/~morpheus | employer's. They hired me for my
> ICQ: 5107343 | skills and labor, not my opinions!
I'm trying to get ICQ on win98 out through a Linux firewall with not
much luck so far. It sometimes works, usually mostly fails when the
other end is also behind a firewall.
I've got the above (CONFIG_*) configged in, have ipmasq installed with
the following in rc.boot/ipmasq:
ipfwadm -F -p deny
ipfwadm -F -a m -S 192.168.1.0/24 -D 0.0.0.0/0
(192.168.1.2 is the win98 box and 192.168.1.1 the firewall)
This is supposed to make ICQ happy but it fails with
"setsockopt: Protocol not available":
/usr/sbin/ipautofw -A -r tcp 2000 4000 -c udp 4000 -u
It looks like you (Steve) have ICQ working OK. Whatsa trick?
Rick
--
Reply to: