"Darcy Brodie, CJL" wrote:
>
> I am trying to configure a Linux box to be a firewall / masquerading
> machine for access to the internet through a cable modem. eth0 is the
> external nic card (ip supplied by isp via dhcp), and eth1 is the
> internal network (using the 192.168.1.0 class C group). These are
> communicating properly.
> I have the firewall configured as follows
>
> echo "1" >/proc/sys/net/ipv4/ip_forward
> # clear all rules and start fresh
> /sbin/ipchains -F
> /sbin/ipchains -A forward -s 192.168.1.0/24 -j MASQ
> # this prevents ICQ Time out problems
> /sbin/ipchains -M -S 7200 10 160
>
> When I run the rc.firewall program, I get no errors. However, when I
> list the ipchains (ipchains -L), all of the above rules are listed under
> the policy DENY, and I have NO access from a workstation (although I can
> 1- ping both the internal and external networks from the Linux box, and
> 2- ping the Linux box from any of the workstations)
>
> Suggestions ??
The standard answer that many of us have had success with
is PMfirewall. Find it at freshmeat.net. It asks you a
bunch of questions and then builds a firewall (and ip masq,
if u need it) script for u.
Ron
--
+----------------------------------------------------------+
| Ron Johnson, Jr. Home: [EMAIL PROTECTED] |
| Jefferson, LA USA WWW : [EMAIL PROTECTED] |
| |
| Most overused words: feel, cool/kewl, fun, myBlah.com |
| Most underused word: think |
+----------------------------------------------------------+