First, just in case anybody didn't get it,
you can NEVER hook up a hub direction to a cable/DSN modem unless you've
been assigned seperate IP addresses from your provider for each and
every machine on the hub.
Even then, having a single masquerade/firewall machine is both safer and
cheaper.
And now on to the main point . . .
My expereince was that realPlayer 7 did *not* work when I enabled the
ip_masq_raudio modules but worked just fine when I did not. I can only
assume that RealPlayer changed its protocol since 1997 or thereabouts
when ip_masq_raudio was written (at least the Mandrake 7.0 version of
ip_masq_raudio seems to be that old, and to date from RealPlayer 4.0),
and that it doesn't work with the new protocol--but that's ok since the
new protocol must be more "standardized" since the module isn't really
required anyway.
Russ Johnson wrote:
>
> I'd start with a very simple ruleset for ipchains, and then work my way to
> secure.
>
> For instance, start with this:
>
> #!/bin/sh
> #
> /sbin/depmod -a
>
> /sbin/modprobe ip_masq_ftp
> /sbin/modprobe ip_masq_raudio
> /sbin/modprobe ip_masq_irc
> /sbin/modprobe ip_masq_quake
> /sbin/modprobe ip_masq_quake ports=26000,27000,27910,27960
> /sbin/modprobe ip_masq_portfw.o
>
> echo "1" > /proc/sys/net/ipv4/ip_forward
>
> /sbin/ipchains -F
>
> /sbin/ipchains -M -S 7200 10 160
>
> /sbin/ipchains -P forward DENY
> /sbin/ipchains -A forward -s 192.168.1.0/24 -j MASQ
>
> --8<--cut here
>
> After that runs, make sure everything works.
>
> Once that works, you can tighten up the firewall, and make it secure.
>
> I highly recommand the "Linux Firewall and Security Site" at
> http://www.linux-firewall-tools.com/linux/.
>
> He's got a firewall script builder that kicks butt.
>
> Russ
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Klar Brian D Contr
> MSG/SWS
> Sent: Friday, April 14, 2000 5:19 AM
> To: '[EMAIL PROTECTED]'
> Subject: RE: [expert] IP Masq problems (Resolved somewhat)
>
> Well last night I double checked everything on the Win box. DNS, Gateway,
> IP. Everything is setup as before. This machine is my gf's. ftp to outside,
> great. Telnet to Linux machine, fine, print fine. Checked route on Linux,
> fine. Kept starting and closing IE. Nothing, the restarted IE and just went
> to some site like redhat.com, and it made it there.
> However now that it can surf, I cant telnet into my Linux machine from here
> at the office. Any Ideas why I gain one and lose another??
>
> -----Original Message-----
> From: Alan Shoemaker [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, April 13, 2000 6:57 PM
> To: [EMAIL PROTECTED]
> Subject: Re: [expert] IP Masq problems
>
> Brian....have you checked your settings in Win98 networking?
> Like the gateway ip address, is it still there? When a change
> in the network environment occurs Windows is famous for losing
> settings and losing links to drivers. A good idea might be to
> remove the tcp/ip bindings to your network card and then
> reinstalling them (you'll need your windows installation cd for
> that).
>
> Alan
>
> Klar Brian D Contr MSG/SWS wrote:
> >
> > I have my Mandrake 6.1 set up to IP Masq. My Win 98 box sees the linux box
> fine, samba is great by IE will not surf. I have used this same
> configuration for a while now, but recently had to reinstall Linux.
> Networking is on, IP forwarding is on. Win has Linux ip as gateway. They
> ping from one to another no problem. What happened that it has stopped
> working ??
> >
> > Brian D. Klar - CVE
> > OTS
> > WPAFB
> > (937)257-5773
> > 937-973-3125 (Pager)
--
"Brian, the man from babble-on" [EMAIL PROTECTED]
Brian T. Schellenberger http://www.babbleon.org
Support http://www.eff.org. Support decss
defendents.
Support http://www.programming-freedom.org. Boycott amazon.com.
