Charles:
This worked beautifully. Thanks. :)
- Mike
On Fri, 17 Mar 2000, Charles Galpin wrote:
> this should get you started. Stick this in /etc/rc.d/rc.local
>
> # IP Masquerading
> echo "1" > /proc/sys/net/ipv4/ip_forward
> /sbin/modprobe ipip.o
> /sbin/modprobe ip_masq_ftp.o
> /sbin/modprobe ip_masq_raudio.o
> /sbin/modprobe ip_irc.o
> #/sbin/modprobe ip_masq_pptp.o
>
> # sets timeouts to decent values
> # This sets the timeout for an open but inactive tcp connection to
> # 2 hours, a "properly" closed tcp connection to 2 minutes and an
> #open/inactive udp connection to 2 hours
> ipchains -M -S 7200 120 7200
>
> /sbin/ipchains -P forward DENY
> /sbin/ipchains -A forward -j MASQ -s 192.168.1.0/24 -d 0.0.0.0/0
>
>
> this simply gets your intetnal machines masqueraded. As you know, you will
> want to implement additional rules for a firewall.
>
> hth
> charles
>
> On Fri, 17 Mar 2000, Michael J. McGillick wrote:
>
> > Evening:
> >
> > I have two Ethernet cards in my Linux box. I'm running ipchains. So far,
> > I've not set up anything with a Firewall blocking any of the three chains,
> > input, output or forward. They all have a default policy of accept. I
> > would like to start by making it so that my internal network,
> > 192.168.1.0/24 can talk out to the Internet. What are the rules that I
> > need to give to ipchains to do this? I've read, but so far have only
> > managed to confuse myself further :)
> >
> > - Mike
>
>
>
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
