
RE: Firewall & IP Forwarding problems



(I'm posting this again because I couldn't see it show up in the mailing
list the first time)

Yeah, I've tried that also, but then I learned that VMWare's network
bridge won't work with wireless interfaces under linux...

Ronald

-----Original Message-----
From: wim [mailto:wimpunk@gmail.com] 
Sent: Sunday, 31 July 2005 11:20
To: Debian User
Subject: Re: Firewall & IP Forwarding problems

Ronald Castillo wrote:
> Hello.
> 
> I'm trying to connect my pocket pc by wireless to my VMWare Windows 2000
> virtual PC.  Which means, I need a completely transparent connection
> between my eth1 (wireless) and vmnet8 (vmware emulated lan) devices.
> 
> So far, I've tried using the following script:
> 
> -----------------------------------------------------------
> 
> #!/bin/sh
> echo -e "\n\nLoading simple rc.firewall version $FWVER..\n"
> 
> IPTABLES=/sbin/iptables
> DEPMOD=/sbin/depmod
> INSMOD=/sbin/modprobe
> #Setting the EXTERNAL and INTERNAL interfaces for the network
> #
> EXTIF="vmnet8"
> INTIF="eth1"
> 
> echo " External Interface: $EXTIF"
> echo " Internal Interface: $INTIF"
> 
> #======================================================================
> #== No editing beyond this line is required for initial MASQ testing ==
> echo -en " loading modules: "
> 
> # Need to verify that all modules have all required dependencies
> #
> echo " - Verifying that all kernel modules are ok"
> $DEPMOD -a
> 
> echo "----------------------------------------------------------------------"
> 
> echo -en "ip_tables, "
> $INSMOD ip_tables
> 
> echo -en "ip_conntrack, "
> $INSMOD ip_conntrack
> #Load the FTP tracking mechanism for full FTP tracking
> #
> # Enabled by default -- insert a "#" on the next line to deactivate
> #
> echo -en "ip_conntrack_ftp, "
> $INSMOD ip_conntrack_ftp
> #Load the IRC tracking mechanism for full IRC tracking
> #
> # Enabled by default -- insert a "#" on the next line to deactivate
> #
> echo -en "ip_conntrack_irc, "
> $INSMOD ip_conntrack_irc
> echo -en "iptable_nat, "
> $INSMOD iptable_nat
> echo -en "ip_nat_ftp, "
> $INSMOD ip_nat_ftp
> 
> echo -e "ip_nat_irc"
> $INSMOD ip_nat_irc
> 
> echo "----------------------------------------------------------------------"
> 
> echo -e " Done loading modules.\n"
> echo " Enabling forwarding.."
> echo "1" > /proc/sys/net/ipv4/ip_forward
> 
> echo " Enabling DynamicAddr.."
> echo "1" > /proc/sys/net/ipv4/ip_dynaddr
> echo " Clearing any existing rules and setting default policy.."
> $IPTABLES -P INPUT ACCEPT
> $IPTABLES -F INPUT
> $IPTABLES -P OUTPUT ACCEPT
> $IPTABLES -F OUTPUT
> $IPTABLES -P FORWARD DROP
> $IPTABLES -F FORWARD
> $IPTABLES -t nat -F
> 
> #echo " FWD: Allow all connections OUT and only existing and related ones IN"
> #$IPTABLES -A FORWARD -i $EXTIF -o $INTIF -m state --state ESTABLISHED,RELATED -j ACCEPT
> $IPTABLES -A FORWARD -i $EXTIF -o $INTIF -j ACCEPT
> $IPTABLES -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT
> $IPTABLES -A FORWARD -j LOG
> 
> echo " Enabling SNAT (MASQUERADE) functionality on $EXTIF"
> $IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE
> 
> echo -e "\nrc.firewall-2.4 v$FWVER done.\n"
> 
> --------------------------------------------
> 
> After applying this script, I'm able to ping the pocketpc from the
> VMWare system and, when I tap on "Connect" on the pocketpc, Activesync
> on the VMWare system starts rolling but stops a while later saying a
> "Critical communication services failed to start..." error which I
> learned was because a firewall blocked the application.  All solutions I
> found were for Windows, so I would appreciate any help I could get to
> make this work under Linux.
> 
> I'm running a Sarge system with a 2.6.12.2 kernel.
> 
> Thanks in advance,
> 
> Ronald

Check your vmware startup scripts.
Somewhere there's a vmware-bridge, but I never made a successful bridge
with an encrypted wireless network.

wim.

