On Fri, Apr 30, 2004 at 08:45:18AM -0400, Michael Aldrich wrote:
> Hi all,
> I am running the firewall script on RH Linux 7.3 (2.4.24) with dual NICs.
> eth0 is connected to the outside world and eth1 is connected to my Windows XP
> Pro machine.
> My firewall.conf script:
> 
> IPTABLES="/sbin/iptables"
> ANYWHERE="0/0"
> INT_IP="192.168.1.1"
> EXT_IP=`/sbin/ifconfig eth0 | grep -i "addr:" | cut -f2 -d: | cut -f1 -d " "`
> EXT_INTERFACES="eth0"
> INT_NETWORKS="192.168.1.0/24"
> LOGGING_ENABLED="1"
> LOGGING_PREFIX="FW:"
> ALLOWED_PORTS="21 22 80 53"
> TRUSTED_INTERFACES="eth1"
> 
> My Windows settings are:
> IP = 192.168.1.2
> MASK = 255.255.255.0
> GW = 192.168.1.1
> 
> DNS Servers are the same as listed in /etc/resolv.conf.

Configuration looks good now.  Can the Windows box ping the internal
firewall interface (192.168.1.1)?  Can the firewall ping external hosts?
Can the firewall resolve the IPs of external hosts?  Can the Windows box
ping the IP of an external host (not name, but IP)?

> Am I missing something? I cannot connect to the outside world from my
> Windows machine.
> /var/log/messages:
> 
> Apr 27 18:49:03 XXX-XXX-XXX-XXX kernel: FW: Mangle-PREROUTING IN=eth0 OUT=
> MAC=ff:ff:ff:ff:ff:ff:00:07:0d:ac:80:54:08:00 SRC=10.119.224.1
> DST=255.255.255.255 LEN=347 TOS=0x00 PREC=0x00 TTL=255 ID=5848 PROTO=UDP
> SPT=67 DPT=68 LEN=327

This is an incoming request (perhaps DHCP based on the port) from an
external source (10.119.224.1).

-- 
Jamin W. Collins

To be nobody but yourself when the whole world is trying its best night
and day to make you everybody else is to fight the hardest battle any
human being will fight. -- E.E. Cummings
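
Added example, not part of the original messages: a small Python parser for the `FW:`-prefixed kernel log entry quoted above. It reports the inbound interface, the port pair and whether the packet involves the 192.168.1.0/24 LAN. The function names are hypothetical; the interface and network defaults are taken from the posted firewall.conf.

```python
import ipaddress
import re

# Log entry quoted in the message, with the e-mail line wrapping undone.
SAMPLE = (
    "Apr 27 18:49:03 XXX-XXX-XXX-XXX kernel: FW: Mangle-PREROUTING IN=eth0 OUT= "
    "MAC=ff:ff:ff:ff:ff:ff:00:07:0d:ac:80:54:08:00 SRC=10.119.224.1 "
    "DST=255.255.255.255 LEN=347 TOS=0x00 PREC=0x00 TTL=255 ID=5848 PROTO=UDP "
    "SPT=67 DPT=68 LEN=327"
)
FIELD = re.compile(r"\b([A-Z]+)=(\S*)")

def parse_log(line, prefix="FW:"):
    """Return (rule label, KEY=value fields) for one netfilter LOG line."""
    _, found, rest = line.partition(prefix)
    if not found:
        raise ValueError("line does not carry the firewall log prefix")
    tokens = rest.split()
    label = tokens[0] if tokens and "=" not in tokens[0] else ""
    fields = {}
    for key, value in FIELD.findall(rest):
        fields.setdefault(key, value)  # LEN appears twice: keep the IP length
    return label, fields

def classify(fields, ext_if=("eth0",), trusted_if=("eth1",), int_net="192.168.1.0/24"):
    """Say where a logged packet came from and whether it involves the LAN."""
    iface = fields.get("IN", "")
    if iface in ext_if:
        origin = "external"
    elif iface in trusted_if:
        origin = "internal"
    else:
        origin = "local" if not iface else "unknown"
    ports = (fields.get("PROTO"), fields.get("SPT"), fields.get("DPT"))
    service = {("UDP", "67", "68"): "dhcp server-to-client",
               ("UDP", "68", "67"): "dhcp client-to-server"}.get(ports, "other")
    lan = ipaddress.ip_network(int_net)
    involves_lan = any(
        ipaddress.ip_address(fields[k]) in lan for k in ("SRC", "DST") if k in fields
    )
    return {"origin": origin, "service": service, "involves_lan": involves_lan,
            "broadcast": fields.get("DST") == "255.255.255.255"}

if __name__ == "__main__":
    label, fields = parse_log(SAMPLE)
    print(label, classify(fields))
```

For the quoted entry this reports an external broadcast packet that does not involve the LAN, so entries with `IN=eth1` or a 192.168.1.x source are the ones that would show the Windows machine's traffic.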
