IPMasq Probs
Hello, I'm attempting to get IP Masquerading happening on my dial uppotato
box, so far without luck
I can't even ping a remote ip address
Which log files will can contain errors?
I haven't played with any rules or anything
so everything is as default from the ipmasq install
I *think* I have all the appropriate things compiled into the kernel, but
it didn't seem to offer quite the same options as suggested in various
howtos (kernel 2.2.17 pre6 - from potato dist) - is there a way I can
easily tell if this is a problem?
below is the output of various commands:
# /usr/sbin/ipmasq -v
Interfaces found:
ppp0 210.9.28.29/255.255.255.255
eth0 192.168.0.1/255.255.255.0
/sbin/ipchains -P input DENY
/sbin/ipchains -P output DENY
/sbin/ipchains -P forward DENY
/sbin/ipchains -F input
/sbin/ipchains -F output
/sbin/ipchains -F forward
/sbin/ipchains -A input -j ACCEPT -i lo
/sbin/ipchains -A input -j DENY -i !lo -s 127.0.0.1/255.0.0.0 -l
/sbin/ipchains -A input -j ACCEPT -i eth0 -s 192.168.0.1/255.255.255.0
/sbin/ipchains -A input -j DENY -i ppp0 -s 192.168.0.1/255.255.255.0 -l
/sbin/ipchains -A input -j ACCEPT -i ppp0 -d 210.9.28.29/32
/sbin/ipchains -A forward -j MASQ -i ppp0 -s 192.168.0.1/255.255.255.0
/sbin/ipchains -A output -j ACCEPT -i lo
/sbin/ipchains -A output -j ACCEPT -i eth0 -d 192.168.0.1/255.255.255.0
/sbin/ipchains -A output -j ACCEPT -i eth0 -d 224.0.0.0/240.0.0.0 -p ! tcp
/sbin/ipchains -A output -j DENY -i ppp0 -d 192.168.0.1/255.255.255.0 -l
/sbin/ipchains -A output -j ACCEPT -i ppp0 -s 210.9.28.29/32
echo "1" > /proc/sys/net/ipv4/ip_forward
/sbin/ipchains -M -S 7200 10 160
/sbin/ipchains -A input -j DENY -s 0.0.0.0/0 -d 0.0.0.0/0 -l
/sbin/ipchains -A output -j DENY -s 0.0.0.0/0 -d 0.0.0.0/0 -l
/sbin/ipchains -A forward -j DENY -s 0.0.0.0/0 -d 0.0.0.0/0 -l
# ipchains -L
Chain input (policy DENY):
target prot opt source destination ports
ACCEPT all ------ anywhere anywhere n/a
DENY all ----l- localnet/8 anywhere n/a
ACCEPT all ------ 192.168.0.0/24 anywhere n/a
DENY all ----l- 192.168.0.0/24 anywhere n/a
ACCEPT all ------ anywhere ppp-029.rubbish.net.au n/a
DENY all ----l- anywhere anywhere n/a
Chain forward (policy DENY):
target prot opt source destination ports
MASQ all ------ 192.168.0.0/24 anywhere n/a
DENY all ----l- anywhere anywhere n/a
Chain output (policy DENY):
target prot opt source destination ports
ACCEPT all ------ anywhere anywhere n/a
ACCEPT all ------ anywhere 192.168.0.0/24 n/a
ACCEPT !tcp ------ anywhere BASE-ADDRESS.MCAST.NET/4 any -> any
DENY all ----l- anywhere 192.168.0.0/24 n/a
ACCEPT all ------ ppp-029.rubbish.net.au anywhere n/a
DENY all ----l- anywhere anywhere n/a
On my other machine (running win95) - which does network with my machine
has my machine set as a gateway and gives the following output for
C:\route print
Active routes:
Network address Netmask Gateway address Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.18 1
+ the other usual stuff
this machine does work on another network without probs, so I think it's
probably setup right.
any help is apreciated
cheers
--------------------------------------------------------
Today people in droves hurry up past Heumoz to Villars
on the road to the ski hills, so they can rush down them
as fast as possible, so they can hurry up again in order
to rush down again. In a way this is funny,...
Francis A Schaeffer
David Purton
http://www.chariot.net.au/~dcpurton/
dcpurton@chariot.net.au
Reply to: