Russ Cook wrote:
Russ,I have a home network of 5 machines running Linux (for me) and Windows (for wife and son). I have a masquerading gateway machine for internet access. I update this machine rarely, as problems encountered affect the whole family.I recently took the plunge and upgraded the kernel on that machine from 2.2.19 to 2.4.20. Now, it no longer provides internet access for the lan. From the gateway's console, I can access the internet, so ppp is working. The machine is accessible from the other computers, so the eth0 funtions are working. Can anyone help me troubleshoot this problem? In a rare moment of foresight, I kept the previous kernel and labeled it 'safe' in lilo.conf, so I can still use that kernel, and currently am. Thanks much, Russ
I had exactly the same situation here when I did the "upgrade" from the 2.2.x kernel to the 2.4.X kernel. The answer lies in the shift from IPCAHINS (in the 2.2.X kernels) to the use of IPTABLES (in the 2.4.x kernels). Your masquerading code was probably based on IPCHAINS.
Fortunately, the newer series of kernels maintained "backwards compatability" with IPCHAINS, in that this functionality is available as a module in your new kernel. The quick-fix is to "modprobe ipchains" and see if masquerading is restored. If so, then you can add this module to the /etc/modules file and it will come up on reboot as before.
A better solution, IMHO, is to make use of the newer IPTABLES capability. While I have not tried out everything available, I have recently been using the "FireStarter" firewall, which will also provide IPMasq in addition to firewall services to your LAN. I am a pretty "basic" sort, so this program was a godsend. I managed to get it going in spite of my senility and lack of computer skills <grin>. It was simple to configure and get going...no need to write any rule-sets. When you are finished it gives you a pretty good, working IPTABLES/NETFILTER rule-set that you can study and learn from, while keeping your wife & son happy... There are many other "solutions" available, and an equal number of opinions on why they are "better". I just found Firestarter to be the quickest way to get going for me.
Cheers,
-Don Spoon-
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
