Hi, I read in a howto (can not remember which), that you also need a script. I do not know if this is needed for Debian systems, or if it is primarily needed for firewall setups. Anyway, here are the important lines. I put it in /etc/ppp/ip-up.d/masq_on
#!/bin/sh depmod -a modprobe ip_masq_ftp # so you can ftp modprobe ip_masq_raudio # so you can use realaudio (see /lib/modules/<kernelversion>/ipv4) # start a new chain ipchains -F forward # block everything ipchains -P forward DENY # masq everything from 192.168.1.* to *.*.*.* and back ipchains -A forward -s 192.168.1.0/255.255.255.0 -d 0.0.0.0/0.0.0.0 -j MASQ # set a telnet timeout ipchains -M -S 3600 10 160 This is for the server. Also remember to set the gateway of your client to your server. Greetz, Sebastiaan On Tue, 30 Jan 2001, Leonard Leblanc wrote: > I'm setting up a linux box to act as a firewall/proxy for my 4 computer > (win98) network. I have 2 ethernet cards in the linux box (both being > detected) and have complete access to the internet on my linux box. I can > ping all the win98 boxes from my linux box and can ping both network ip's on > the linux box from the win98 boxes. The only problem is I can't ping > anything past my firewall/proxy. I haven't actually setup any firewall rules > so I shouldn't be blocking myself out and I'm not quite sure where to look. > > Also I am running kernel version 2-2-13r2 with the following networking > options set: > Packet Socket > Network Firewalls > Unix Domain Sockets > TCP/IP networking > IP: advanced router > IP: firewalling > IP: always defragment > IP: transparent proxy support > IP: masquerading > IP: ICMP masquerading > IP: optimize as router not host > IP: aliasing support > IP: TCP syncookie support > IP: allow large windows > > I have read and am referencing the Firewall/Proxy how-to as well as the > IP-Masquerading HOWTO and many many others. > > Does anyone have an idea as to the next place I should look? > > Leonard Leblanc >
