Please Help ! ----- Original Message ----- From: "Kevin Chan" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, February 25, 2002 12:02 PM Subject: Re: Can someone teach me how to set the IP-Table on RedHat 7.2 ?
> Hi Paul and all, > > First, I would like to say thanks for all who help me before ! Thanks again > ! > > Finally, I can set the IP-Table for the PPP server to use NAT function. I > am using gShield to config it and it's very easy to use. But I got another > problem after using it and the problem is I can't use telnet, email and > browse the PPP server (PPP server installed telent, sendmail and samba > service) using internal network (PPP server IP - 192.168.13.222 , internal > PC IP - 192.168.13.220). Also, I was set the 192.168.13.222 as a DMZ > already ! > > Can someone teach me where I can config the IP-Table and make all the > internal PC can telent, browse and check email ? > > Thanks and regards, > Kevin Chan > > > <Paul Hamm Wrote:> > > > iptables it the firewall of choice on kernel 2.4. There is a very nice > well > > documented script to run iptables it is called gShield. Get it from here > > http://muse.linuxmafia.org/gshield.html. Make sure that ipchains is > turned > > off and that iptables is turned on "> chkconfig --level 345 ipchains off" > "> > > chkconfig --level 345 iptables on". Then reboot you can do the rmmod > insmod > > if you like but rebooting works fine if you are not sure how. The main > > configuration file for gShield is /etc/firewall/gShield.conf. Start > gShield > > by running "> /etc/firewall/gShield.rc" be sure to add this to a boot > script > > so it starts automatically /etc/rc.d/rc.local will do. Out of the tarball > > gShield will give you a nice tight firewall configuration. Just check > that > > your internet and internal NICs are properly identified in the config file > > and that your private IP network is configured in /etc/firewall/conf/NATS. > > gShield has some settings for DMZ, DMZ is generally a third NIC in your > > firewall that handles machines that need to be visible on the net but that > > you want to keep away from your internal network. > > > > Kevin your diagram looks as though you have a network configuration issue > on > > the internal NIC you should have something like this the internal, private > > ip network should be the same not mixed. > > > > +----------+ > > | Internet | > > +----------+ > > | > > +-----------------------------------------------+ > > | PPP/Internet Interface(Some_Public_IP) | > > | || | > > | Firewall/Gateway server | > > | || | > > | Internal Network Interface (10.x.x.x) | > > +-----------------------------------------------+ > > | > > +----------------------------+ > > | Client machines (10.x.x.x) | > > +----------------------------+ > > > > -----Original Message----- > > From: Kevin Chan [mailto:[EMAIL PROTECTED]] > > Sent: Wednesday, February 20, 2002 10:41 PM > > To: [EMAIL PROTECTED] > > Subject: Can someone teach me how to set the IP-Table on RedHat 7.2 ? > > > > > > Hi all, > > > > Can someone teach me how to set the IP-Table on RedHat 7.2 ? > > > > I would like to set the PPP Client IP-10.0.0.1 can browse interent through > > PPP Server IP-192.168.13.222. The simple diagram as below : > > > > > Internet(0.0.0.0) > > > | > > > PPP Server-Internal Interface(192.168.13.222) > > > | > > > PPP Client (10.0.0.1) > > > > I was wrote the scripts on below files, but seem like don't work (p.s. > these > > scripts is working on RH 7.0): > > > > etc/ppp/ip-up.local > > --------------------------- > > #!/bin/bash > > ipchains -A forward -s 10.0.01 -d 0/0 -j MASQ > > exit 0 > > > > etc/ppp/ip-down.local > > ------------------------------- > > #!/bin/bash > > ipchains -D forward -s 10.0.0.1 -d 0/0 -j MASQ > > exit 0 > > > > Please teach me how & where I can set the IP-Table to solve my > > problem........ thanks ! > > > > Best regards, > > Kevin Chan > > > > > _______________________________________________ > Redhat-list mailing list > [EMAIL PROTECTED] > https://listman.redhat.com/mailman/listinfo/redhat-list _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
