
RE: ipmasq ipchains; newbie question



Um, it works now. Basically I don't really know what I did
except just flush out ipchains and redo my network interfaces.
I think I have some kinda weird startup script that messes
everything up. Or just maybe I don't have any startup scripts and
it defaults to something I don't want. In any case, I am a
happy boy now.


-----Original Message-----
From: www-data [mailto:www-data@heritage.sd57.bc.ca]On Behalf Of Mike
Egglestone
Sent: Friday, July 20, 2001 4:09 PM
To: Robert Matijasec
Cc: Debian-User@Lists. Debian. Org
Subject: Re: ipmasq ipchains; newbie question


Quoting Robert Matijasec <matijar@flashmail.com>:

>
> I am using Debian 2.2 (potato) with ipchains 1.3.9
> attempting to get ip masquerading to work.
>
> I can ping other computers on my network when ipmasq is
> disabled. But when it's on I get an operation not permitted
> message when I try to ping another machine. So as someone
> hinted before, this is probably something wrong with
> my firewall rules.

How do you have your NICs set up?
eth0 is usually assigned to your ISP...and
ethx is usually assigned to your subnets......ex
192.168.1.1       eth1
192.168.2.1       eth2




>
>
> First of all do I need to recompile kernel to get masq
> to work w/my version of Debian ?

You shouldn't have to recompile the kernel with Potato on a
basic install....

>
> I followed config file for 2.2.x kernels in the masq
> HOWTO, but I must not be doing something right.
>

To get ipmasq working.....all you need to have is your NICs set up
properly...
and then run
apt-get install ipmasq

The ipmasq program will automagically configure your ipchains for you....
Edit them after if you have special rules....

It's also nice to have a DHCP server assign your workstations
the private IPs ... but that's totally up to you....



> in any case this is what ipchains -L gives me :
> target prot opt 	 source 	destination ports
> ACCEPT udp  ------ anywhere 	anywhere    bootps -> bootpc
> Chain forward (policy DENY):
> target prot opt    source         destination ports
> MASQ   all  ------ 192.168.0.0/24 anywhere    n/a
> Chain output (policy DENY):



>
> I am connecting to my provider with dhcpcd, and that
> works as well when ipmasq is not engaged.
>
>
>
> I noticed that some docs use 192.168.0.* for class C
> networked machines while the masq pages use
> 192.168.1.* for machines on the network, does this
> matter at all ?

You can use any private ranges from 192.168.x.x
I think 10.0.0.x
is another available range....
Someone could correct me on this.....:)


Hope this helps a bit....

Mike
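
Added example, not part of the original thread or of the ipmasq package: a small parser for `ipchains -L` output that flags built-in input/output chains whose DENY policy has no ACCEPT rule that could match ICMP. A denied output chain is what makes ping report "operation not permitted"; a denied input chain drops the replies. The sample listing is constructed, modelled on the partial one quoted above, and the function names are hypothetical.

```python
import re

# Constructed sample modelled on the partial `ipchains -L` listing quoted in the thread.
SAMPLE = """\
Chain input (policy DENY):
target     prot opt     source           destination      ports
ACCEPT     udp  ------  anywhere         anywhere         bootps ->   bootpc
Chain forward (policy DENY):
target     prot opt     source           destination      ports
MASQ       all  ------  192.168.0.0/24   anywhere         n/a
Chain output (policy DENY):
"""

CHAIN_RE = re.compile(r"^Chain (\S+) \((?:policy (\w+))?")

def parse_chains(listing):
    """Return {chain: {"policy": str or None, "rules": [dict, ...]}}."""
    chains, current = {}, None
    for raw in listing.splitlines():
        line = raw.lstrip("> \t").rstrip()   # tolerate mail-quoted listings
        m = CHAIN_RE.match(line)
        if m:                                # user-defined chains have no policy
            current = chains.setdefault(m.group(1), {"policy": m.group(2), "rules": []})
        elif current is not None and line and not line.startswith("target"):
            f = line.split(None, 5)          # target prot opt source destination ports
            if len(f) >= 5:
                current["rules"].append({"target": f[0], "prot": f[1], "source": f[3],
                                         "destination": f[4], "ports": f[5] if len(f) > 5 else ""})
    return chains                            # rule lines before any "Chain" header are skipped

def icmp_blockers(chains):
    """Built-in chains whose DENY/REJECT policy has no ACCEPT rule that could match ICMP.

    Simplification: any ACCEPT rule for icmp or all counts, whatever its addresses.
    """
    blocked = []
    for name in ("input", "output"):
        chain = chains.get(name)
        if chain is None or chain["policy"] not in ("DENY", "REJECT"):
            continue
        if not any(r["target"] == "ACCEPT" and r["prot"] in ("icmp", "all")
                   for r in chain["rules"]):
            blocked.append(name)
    return blocked

if __name__ == "__main__":
    for name in icmp_blockers(parse_chains(SAMPLE)):
        print(f"chain {name}: policy denies ICMP and no ACCEPT rule covers it")
```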


