Many thanks for all these replies. I've now got it working now so that
another Debian box and a Mac can both connect through the Debian gateway.
The thing I was doing wrong was in setting the gateway on the other network
machines. Like not doing it on the Debian one [doh!] and mixing up proxy
--- Matt Zagrabelny <[EMAIL PROTECTED]> wrote:
>
> > iptables -t nat -A POSTROUTING -o ethx -j SNAT
> --to
> > ppp_address
>
> this is the wrong approach for a dialup where you
> would get a dynamic
> ip. use masquerading instead. (this will always work
> regardless of your
> external ip assign
> iptables -t nat -A POSTROUTING -o ethx -j SNAT --to
> ppp_address
this is the wrong approach for a dialup where you would get a dynamic
ip. use masquerading instead. (this will always work regardless of your
external ip assigned from the ISP)
do the following commands:
# iptables -t nat -A PO
Maybe you only need to enable IP forwarding :
ip_forward=yes
in the file /etc/network/options
Claude
On Wed, 2004-12-08 at 23:43, Sergio Basurto Juarez wrote:
> --- [EMAIL PROTECTED] wrote:
>
> > I wonder if someone could help please!
> >
> > I've upgraded to sarge, and built a new kernel wi
--- [EMAIL PROTECTED] wrote:
> I wonder if someone could help please!
>
> I've upgraded to sarge, and built a new kernel with
> lots of the networking
> options built in.
>
> I've tried to set up IP masquerading so I can use my
> Debian PC as a router
> to a [dialup] ISP. The Debian machin
On Wednesday 08 December 2004 1:09 pm, [EMAIL PROTECTED] wrote:
> Once connected to the ISP, the Debian machine can ping the IP address
> of its modem and get a response, and canload web pages. But other
> machines get nothing when I try.
Did you install the ipmasq package as well?
--
Paul
On Tue, 16 Nov 2004 19:04:16 -0800, Daniel Asarnow <[EMAIL PROTECTED]> wrote:
> Thanks for the advice. It looks like I'll be at this for a while...if
> I can't make any headway with it, I'll ask for more help
>
> Thanks again,
As a basis for your rules I recommend
http://www.netfilter.org/docume
Thanks for the advice. It looks like I'll be at this for a while...if
I can't make any headway with it, I'll ask for more help
Thanks again,
da
On Tue, 16 Nov 2004 03:11:38 -0600, Yusuf <[EMAIL PROTECTED]> wrote:
> Your firewall rules look, uh, ugly, meaning, not meant for human eyes.
> You sh
Your firewall rules look, uh, ugly, meaning, not meant for human eyes.
You should try to isolate your problem from bottom to top:
Try a minimalistic firewall. Just for testing, of course, as this is
totally insecure:
# Clear all rules
/sbin/iptables -F; /sbin/iptables -t nat -F; /sbin/iptables
Here's the output of iptables -L -v -t nat:
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 1 packets, 60 bytes)
pkts bytes target prot opt in out source
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thursday, 11.11.2004 at 07:57 +, Alan Chandler wrote:
> On Thursday 11 November 2004 03:03, Daniel Asarnow wrote:
>
> > The complete output of iptables -L is here: www.boxbattle.com/iptables.txt
> > A bit long...
>
> I don't know what its doi
On Thursday 11 November 2004 03:03, Daniel Asarnow wrote:
> The complete output of iptables -L is here: www.boxbattle.com/iptables.txt
> A bit long...
I don't know what its doing either - some things to check:-
- There is a long list of IP networks which its doing something with
(accepting or r
On Tue, 7 Aug 2001, Vineet Kumar wrote:
> * [EMAIL PROTECTED] ([EMAIL PROTECTED]) [010807 10:35]:
> > What is a good program for Windows 98 that will allow me to set up IP
> > Masquerading to share my internet connection with some Linux boxes?
> >
> The Right Way to do this is to make one of the Li
* [EMAIL PROTECTED] ([EMAIL PROTECTED]) [010807 10:35]:
> What is a good program for Windows 98 that will allow me to set up IP
> Masquerading to share my internet connection with some Linux boxes?
>
The Right Way to do this is to make one of the Linux machines do the
masquerade. A windows 98 mac
Firewall 1 is excellent having most of the features that are available
in Linux. I remember reading somewhere Checkpoint do SOHO versions for
about $500 so its not too expensive as these things go.
On 0, [EMAIL PROTECTED] wrote:
>What is a good program for Windows 98 that will allow me to set up
On Saturday 23 June 2001 01:37, you wrote:
> On Sat, Jun 23, 2001 at 01:22:37AM +0200, Brendon wrote:
> > On Saturday 23 June 2001 01:11, Joost Kooij wrote:
> > > How did you setup masquerading, did you install ipmasq.deb or did
> > > you try everything by hand?
> >
> > I used the mini howto on www
On Sat, Jun 23, 2001 at 01:22:37AM +0200, Brendon wrote:
> On Saturday 23 June 2001 01:11, Joost Kooij wrote:
> > How did you setup masquerading, did you install ipmasq.deb or did
> > you try everything by hand?
>
> I used the mini howto on www.linuxnewbie.org next to the Masquerading HOWTO.
> th
On Saturday 23 June 2001 01:11, Joost Kooij wrote:
> On Sat, Jun 23, 2001 at 12:45:18AM +0200, Brendon wrote:
> > 'fraid it had no affect. the syslogs on both machines show nothing out of
> > the ordinary either
>
> How did you setup masquerading, did you install ipmasq.deb or did
> you try eve
On Sat, Jun 23, 2001 at 12:45:18AM +0200, Brendon wrote:
> 'fraid it had no affect. the syslogs on both machines show nothing out of the
> ordinary either
How did you setup masquerading, did you install ipmasq.deb or did
you try everything by hand?
Cheers,
Joost
On Saturday 23 June 2001 00:35, you wrote:
> On Fri, Jun 22, 2001 at 11:56:52PM +0200, Brendon wrote:
> > Gateway: external ip 195.38.200.201 internal ip 192.162.0.1
> > Laptop: internal ip 192.162.0.2
> > desktop:..
> >
> > the gateway is able to access the net and the laptop.
> > the laptop i
> Check your routing table with 'route -n'.
> Do you have a route on the Linux router machine that looks like this? --
>
> Destination Gateway GenmaskIface
> 200.189.192.144 0.0.0.0 255.255.255.248eth1
I guess the problem is on the ipmasq rules.
I'll put thr
Guilherme Barile wrote:
> >From a computer in the 10.0.0.x network I can ping the internet (via ADSL)
> and any computer on the 10.0.1.x network (vice versa for the computers on
> the 10.0.1.x net) BUT, i cannot access the servers connected to NIC2 (eth1)
> directly I need some special rule fo
"Guilherme Barile" <[EMAIL PROTECTED]> writes:
> Hello debian users.
> I am having the following ip masquerading issue:
>
> 1) I have four networks in my office
>
> 200.189.194.144 (netmask 255.255.255.248) - internet servers
>
> 10.0.0.x (netmask 255.255.255.0) - internal network
>
> 10.0.1.x
"Dwight" == Dwight Johnson <[EMAIL PROTECTED]> writes:
> On 10 Dec 2000, Willy Lee wrote:
>> Install the 'ipmasq' Debian package. Configure, read its docs.
>> Nothing could be easier. (er, unless you have a non-standard
>> setup)
> I am new to Debian, but is this still true? I do not have this
ssage -
From: "Willy Lee" <[EMAIL PROTECTED]>
To:
Sent: Sunday, December 10, 2000 7:18 PM
Subject: Re: IP masquerading
> "Kyle" == Kyle Peterson <[EMAIL PROTECTED]> writes:
>
> > I was reading the IP masq how-to and it shows how to setup ipchains
>
On 10 Dec 2000, Willy Lee wrote:
> "Kyle" == Kyle Peterson <[EMAIL PROTECTED]> writes:
>
> > I was reading the IP masq how-to and it shows how to setup ipchains
> > in a rc.firewall file. From what I gather, debian uses a different
> > boot system. How would I make the rc.firewall for a debian
"Kyle" == Kyle Peterson <[EMAIL PROTECTED]> writes:
> I was reading the IP masq how-to and it shows how to setup ipchains
> in a rc.firewall file. From what I gather, debian uses a different
> boot system. How would I make the rc.firewall for a debian system?
> I am new to debian, I am used to u
At 11:20 AM 12/10/00 +0100, Leen Besselink wrote:
On Sun, 10 Dec 2000, Sebastiaan wrote:
> Hi,
>
> you can make a script and put it in /etc/init.d and make a link to one of
> the /etc/rcX.d. With the number (like S40firewall) you can set the
> priority.
> As an alternative, in Debian you have a
On Sun, 10 Dec 2000, Sebastiaan wrote:
> Hi,
>
> you can make a script and put it in /etc/init.d and make a link to one of
> the /etc/rcX.d. With the number (like S40firewall) you can set the
> priority.
> As an alternative, in Debian you have a /etc/rc.boot where you can put
> files which must be
Hi,
you can make a script and put it in /etc/init.d and make a link to one of
the /etc/rcX.d. With the number (like S40firewall) you can set the
priority.
As an alternative, in Debian you have a /etc/rc.boot where you can put
files which must be started at boottime (but not after a init 1; init 2)
Kyle Peterson wrote:
>
> I was reading the IP masq how-to and it shows how to setup ipchains in a
> rc.firewall file. From what I gather, debian uses a different boot system.
> How would I make the rc.firewall for a debian system? I am new to debian, I
> am used to using redhat.
i usually make
On Fri, May 26, 2000 at 01:32:42PM -0700, Pann McCuaig wrote:
> 2.0.x kernels don't use ipchains, but its predecessor, whose name
> escapes me at the moment.
That would be ipfwadm.
Cheers,
Tom
--
The University of California Statistics Department; where mean is normal,
and deviation standard.
On Fri, Nov 24, 2000 at 02:09, Brad Reid wrote:
> hello i've got a LAN setup and would like a linux box on it to be a
> gateway. the LAN works fine but it is a class C network and i would
> like to enable ip masquerading on the linux box (debian slink).
> i'm having two problems:
>1. debian di
Beavis said:
> ok, is it possible to open a x-windows interface through a ssh connection
> from a remote location all on static IP's?
Yes.
> more specifically, start x from a ssh client on another system.
>
> if so, please don't just say it is possible, but explain how
ssh to the other box. En
it may be worth looking into VNC,
http://www.uk.research.att.com/vnc/
and vnc with SSH:
http://www.uk.research.att.com/vnc/sshwin.html
its probably the simplist way to get up and goin.
but it depends on what apps you want to run (e.g. vmware does not run
worth a crap on an vnc X server)
nate
ok, is it possible to open a x-windows interface through a ssh connection
from a remote location all on static IP's?
DSL to DSL from example.
more specifically, start x from a ssh client on another system.
if so, please don't just say it is possible, but explain how
thankx --beavis-- just a gu
On Fri, Mar 31, 2000 at 06:48:19PM +0200, Philip Lehman wrote:
>
> I'm trying to set up IP masquerading on a slink/potato box which is
> supposed to route the traffic on my home LAN over an ISDN dial-up
> line. I have to admit that I have no experience with advanced
> networking of this kind.
>
>
> I'm currently set up such that I can ssh into my machine at work from home
> and all works well as long as I stay within the console session. However,
> I'm on a dialup line (no DSL yet...) and use IP masquerading, which appears
> to prevent X clients on my work box from connecting to the X serv
On Sun, Jun 27, 1999 at 12:24:03AM -0400, Paul Miller wrote:
> I'm using Debian/unstable and kernel v2.2.10. I have a ip masquerading
> Linux box setup and working. I'd like to configure ports 137 to 139 of an
> internal machine to act as ports 20137 to 20139 on the external interface of
> the L
On Mon, Jun 14, 1999 at 07:47:36AM +0100, [EMAIL PROTECTED] wrote:
> Is there any Debian specific documentation on IP Masquerading? I've read
> the mini how-to, but debian seems to have this extra /etc/ipmasq.conf file
> so I'm looking foe the correct way to configure debian IP Masquerading
> befor
On Mon, 14 Jun 1999 07:47:36 +0100, [EMAIL PROTECTED] wrote:
>Is there any Debian specific documentation on IP Masquerading? I've read
>the mini how-to, but debian seems to have this extra /etc/ipmasq.conf file
>so I'm looking foe the correct way to configure debian IP Masquerading
>before I start
On Mon, 14 Sep 1998, Tomt wrote:
> I have the hamm distrubution and I have ip masquerading enabled in the
> kernel and the masquerading package installed.
> Do I need anything else? Like another ip assigned to my nic or what?
>
Yes, each network interface (PPP, Ethernet card, etc.) must have
On Tue, Feb 17, 1998 at 09:12:57AM -0700, Steve Mayer wrote:
> I may be wrong here, but with your source mask set at
> xxx.xxx.xxx.xxx/32, the only packets that will make it through are
> broadcast packets. What happens if you change the source address to
> xxx.xxx.xxx.0/24. Someone enlighten me
I may be wrong here, but with your source mask set at
xxx.xxx.xxx.xxx/32, the only packets that will make it through are
broadcast packets. What happens if you change the source address to
xxx.xxx.xxx.0/24. Someone enlighten me if I've foobar'd this.
Steve Mayer
[EMAIL PROTECTED]
[EMAIL PROTE
"Michael Legart" <[EMAIL PROTECTED]> writes:
> > Now I'm working on IP Masquerading (finally!) and in the HOWTO, there is a
> > command called "ipfwadm". I can't figure out what package it is under (and
> > it curently doesn't exist on my system)
>
> A little question ... do you have to use ipf
Hi !
> Now I'm working on IP Masquerading (finally!) and in the HOWTO, there is a
> command called "ipfwadm". I can't figure out what package it is under (and
> it curently doesn't exist on my system)
A little question ... do you have to use ipfwadn to use ip
masquerading ? - It is for use on
Mike Patterson <[EMAIL PROTECTED]> writes:
> Now I'm working on IP Masquerading (finally!) and in the HOWTO, there is a
> command called "ipfwadm". I can't figure out what package it is under (and
> it curently doesn't exist on my system)
Oh, and you may want netstd, too.
--
Rob
--
TO UNSUB
Mike Patterson <[EMAIL PROTECTED]> writes:
> Now I'm working on IP Masquerading (finally!) and in the HOWTO, there is a
> command called "ipfwadm". I can't figure out what package it is under (and
> it curently doesn't exist on my system)
It's in the netbase package.
--
Rob
--
TO UNSUBSCRIB
Joe Piche <[EMAIL PROTECTED]> writes:
> How does one get a system set up for this? I can't find much info on the
> subject. (Yes, the kernel is compiled with that function).
Install the doc-linux package and check out
/usr/doc/HOWTO/mini/IP-Masquerade.gz
--
Rob
--
TO UNSUBSCRIBE FROM THIS MAI
49 matches
Mail list logo
