Re: No ip-masquerade after upgrade 2.2.19 to 2.4.20

To: Debian-User <Debian-User@lists.debian.org>
Subject: Re: No ip-masquerade after upgrade 2.2.19 to 2.4.20
From: Donald Spoon <dspoon@astcomm.net>
Date: Sun, 22 Dec 2002 11:35:17 -0600
Message-id: <[🔎] 3E05F7D5.80902@astcomm.net>
Reply-to: dspoon@astcomm.net
In-reply-to: <[🔎] Pine.LNX.4.33.0212220915440.13441-100000@p90.cook>
References: <[🔎] Pine.LNX.4.33.0212220915440.13441-100000@p90.cook>

Russ Cook wrote:

I have a home network of 5 machines running Linux (for me) and
Windows (for wife and son).  I have a masquerading gateway machine
for internet access.  I update this machine rarely, as problems
encountered affect the whole family.

I recently took the plunge and upgraded the kernel on that machine
from 2.2.19 to 2.4.20.  Now, it no longer provides internet access
for the lan.  From the gateway's console, I can access the internet,
so ppp is working.  The machine is accessible from the other computers,
so the eth0 funtions are working.  Can anyone help me troubleshoot this
problem?

In a rare moment of foresight, I kept the previous kernel and labeled
it 'safe' in lilo.conf, so I can still use that kernel, and currently
am.

Thanks much,
   Russ


Russ,

I had exactly the same situation here when I did the "upgrade" from the2.2.x kernel to the 2.4.X kernel. The answer lies in the shift fromIPCAHINS (in the 2.2.X kernels) to the use of IPTABLES (in the 2.4.xkernels). Your masquerading code was probably based on IPCHAINS.

Fortunately, the newer series of kernels maintained "backwardscompatability" with IPCHAINS, in that this functionality is available asa module in your new kernel. The quick-fix is to "modprobe ipchains"and see if masquerading is restored. If so, then you can add thismodule to the /etc/modules file and it will come up on reboot as before.

A better solution, IMHO, is to make use of the newer IPTABLEScapability. While I have not tried out everything available, I haverecently been using the "FireStarter" firewall, which will also provideIPMasq in addition to firewall services to your LAN. I am a pretty"basic" sort, so this program was a godsend. I managed to get it goingin spite of my senility and lack of computer skills <grin>. It wassimple to configure and get going...no need to write any rule-sets.When you are finished it gives you a pretty good, workingIPTABLES/NETFILTER rule-set that you can study and learn from, whilekeeping your wife & son happy... There are many other "solutions"available, and an equal number of opinions on why they are "better". Ijust found Firestarter to be the quickest way to get going for me.


Cheers,
-Don Spoon-

Reply to:

References:
- No ip-masquerade after upgrade 2.2.19 to 2.4.20
  - From: Russ Cook <russcook@flash.net>

Prev by Date: Re: Error upgrading console-data
Next by Date: Re: Sylpheed and mail clients (was: Can Kmail be used outside of KDE)?
Previous by thread: No ip-masquerade after upgrade 2.2.19 to 2.4.20
Next by thread: Re: No ip-masquerade after upgrade 2.2.19 to 2.4.20
Index(es):
- Date
- Thread