RE: Firewalls and IP Maskerade
Hey,
I am able to access the internet from my linux box. I tried a few sites
with lynx, and they all connected. My /etc/network/interface file has the
following entry when I boot up, which is sufficient to properly configure my
cable modem NIC as it seems.
iface eth1 inet dhcp
That /etc/network/interface file is "execute" on start-up I gather? Could I
add an entry for my other NIC? How would I do so if possible? It doesn't
seem like I will need to reconfigure the eth1 NIC (since I can access the
net). But if I had to and wanted to configure it has a "static ip", how
would I go about finding my cable modem ip (24.200.41.cablemodemIPnumber)?
Finally, I tried the apt-get command. I got an error saying it could not
find the packages or something. Do I have to specify where it should look
for it (soruces.lists or something)?
Thx for the help
-----Original Message-----
From: will trillich [mailto:will@serensoft.com]
Sent: Wednesday, January 17, 2001 2:52 AM
To: debian-user@lists.debian.org
Subject: Re: Firewalls and IP Maskerade
On Tue, Jan 16, 2001 at 02:41:43PM -0500, seg wrote:
> Hi,
>
> Both my network cards were detected and both seem to be
> working right. One of them has a local network address which
> I assigned my self with the following command: ifconfig eth0
> 192.168.0.1. The other was configured as a cable modem upon
> installation. When I boot it is assigned the address
> 24.200.41.15 and the netmask 255.255.255.0.
from what i can tell (and based on my setup)
you need the address of the cablemodem...
if your ip is static, the the cablemodem's
probably is, too. if not, you're probably in
need of dhcp expertice, which i don't have. :)
> My routing tables consists of the following entries (all
> automaticaly configured, I haven't entered any):
>
> 192.168.0.0 * 255.255.255.0 u 0 0 0 eth0
> 24.200.41.0 * 255.255.255.0 u 0 0 0 eth1
> default modemcable001.4 0.0.0.0 ug 0 0 0 eth1
>
>
> My hosts file /etc has the following entries. I added the last 3
entries.
>
> 127.0.0.1 Lisa localhost
> 192.168.0.2 Marge
> 192.168.0.3 Homer
> 24.200.41.15 LIsa
presuming you're using a healthily-updated potato, (debian 2.2)
your /etc/network/interfaces should resemble
iface lo inet loopback
iface eth0 inet static
address 192.168.0.1
netmask 255.255.255.0
network 192.168.0.0
broadcast 192.168.0.255
iface eth1 inet static
address 24.200.41.15
netmask 255.255.255.0
network 208.33.90.0
broadcast 24.200.41.255
gateway 24.200.41.cableModemIPnumber
then configure all your other networked boxes
to be 192.168.0.<2,3,4...> and have a default/
gateway/router of 192.168.0.1 (being your linux).
> From my linux box, I can ping addresses on the 192.168.0.0
> and 24.200.41.0 networks and I can ping the DNS server
> (24.200.243.242). I can't ping modemcable001.4 From my
> win98SE comps I can only ping addresses in the 192.168.0.0
> network. If I want to ping addresses in the 24.200.41.0 or
> the DNS server, I need to enter the following commands:
> ipchains -P forward ACCEPT and ipcahins -A forward -s
> 192.168.0.0/24 -d 0/0 -j MASQ. Also before I can enter
> these commands I need to enable ip_forward: echo 1 >
> ip_forward. .
aha!
apt-get install ipmasq
boy will THAT save you some trouble!
> I cannot access the internet from any on my win98SE comps.
> And I haven't installed any applications on my linux box, so
> I can try accessing any http sites from the this comp. The
> proxy settings are detected but the pages will not load.
> What has to be done to fix the situation and to allow games
> and email progs to go through?
make sure your linux can get to the web; try something
like
lynx http://www.rootprompt.org
once your 'ipmasq' package is installed and your ipchains
(or ipfwadm for slink users) rules are in place, then any
connect success you have on the linux box ought to be
reproducible on the windo~1 boxes. theoretically.
--
See, if you were allowed to keep the money, you wouldn't
create jobs with it. You'd throw it in the bushes or
something. But the government will spend it, thereby
creating jobs. -- Dave Barry
will@serensoft.com *** http://www.dontUthink.com/
volunteer to document your experience for next week's
newbies -- http://www.eGroups.com/messages/newbieDoc
--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
Reply to: