Hey, how is everybody doing?
Let's see if you can spot me here with my problem. I
used to work with Bering 1.2 for VLAN issues, but now I
want to configure an old machine as a firewall using
the Shorewall software which is included in Bering 1.2.
I have downloaded the quick start guide for a simple
configuration: a local net connected to the firewall
(eth1) by a hub (the local PCs and the firewall's eth1
are connected to the same hub) and the firewall
connected to the router (eth0). Of course eth1 has the
net IP address of the local net and eth0 has the same
net IP address as the router. Also, I have configured
all the machines within the local net with their
gateway set to the IP address of the local
interface of the firewall (eth1), as it says in the
Shorewall quick start guide for two interfaces.
I have the following policies:
local net ACCEPT
net all DROP
all all REJECT
Then in the rules I have
RULE Source DEST Proto DEST PORT
ACCEPT fw net tcp 53
ACCEPT fw net udp 53
# For ssh connection
ACCEPT loc fw tcp 22
ACCEPT loc fw icmp 8
ACCEPT net fw icmp 8
ACCEPT fw loc icmp 8
ACCEPT fw net icmp 8
ACCEPT loc fw tcp 80
ACCEPT loc fw udp 53
ACCEPT loc fw tcp 4662
ACCEPT net fw tcp 4662
ACCEPT fw net tcp 4662
ACCEPT fw loc tcp 4662
ACCEPT net fw udp 4672
ACCEPT loc fw udp 4672
ACCEPT fw net udp 4672
ACCEPT fw loc udp 4672
#SMTP mail
ACCEPT loc fw tcp 25
ACCEPT net fw tcp 25
ACCEPT fw net tcp 25
ACCEPT fw loc tcp 25
#POP mail
ACCEPT loc fw tcp 110
ACCEPT net fw tcp 110
ACCEPT fw net tcp 110
ACCEPT fw loc tcp 110
and in the Masq option of the Shorewall menu I have
#Interface Subnet Address
eth0 eth1 192.168.10.106
where 192.168.10.106 is the IP address of eth0.
Because I am not giving any service I don't use the
NAT protocol, so my question is that from any computer
of the local net I can ping the private interface of the router
(which is connected to the fw), and from the firewall I
can ping either the router or any local PC. But when I
try to open my web browser on any of my local PCs it
doesn't work.
So here is my question: with Bering 1.2 and its
Shorewall, do I have to start the firewall with any
command? Or does it get set up automatically by itself
after the system is booted? If so, how can I get it
started?
Did I do anything wrong in my configuration of the
firewall or in the design of the net?
Thanks for your time, folks
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
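
Added example (not part of the original message, and not Shorewall's own code): a simplified Python model of how Shorewall checks a connection against the rules file first and then applies the first matching policy line, run over the policy and a subset of the rules posted above. It assumes exact zone-name matching plus the `all` wildcard and that `loc` is the local zone name, as in the rules; the function names and the final fallback are hypothetical.

```python
# Constructed sample input, transcribed from the post above
# (policy spelled REJECT; only a subset of the rules is included).
POLICY = """
local net ACCEPT
net   all DROP
all   all REJECT
"""
RULES = """
ACCEPT fw  net tcp 53
ACCEPT fw  net udp 53
ACCEPT loc fw  tcp 22
ACCEPT loc fw  tcp 80
ACCEPT loc fw  udp 53
"""

def parse(text):
    """Split a config text into rows of fields, dropping comments and blanks."""
    rows = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if fields:
            rows.append(fields)
    return rows

def zone_match(pattern, zone):
    """A zone field matches on the exact name or on the 'all' wildcard."""
    return pattern == "all" or pattern == zone

def verdict(policy, rules, src, dst, proto, port):
    """Return (action, reason) for one connection request.

    Rules are exceptions and are checked first; if none matches,
    the first policy line whose zones match decides.
    """
    for row in parse(rules):
        action, r_src, r_dst, r_proto, r_port = row[:5]
        if (zone_match(r_src, src) and zone_match(r_dst, dst)
                and r_proto == proto and r_port == str(port)):
            return action, f"rule {r_src}->{r_dst} {r_proto}/{r_port}"
    for row in parse(policy):
        p_src, p_dst, action = row[:3]
        if zone_match(p_src, src) and zone_match(p_dst, dst):
            return action, f"policy {p_src}->{p_dst}"
    return "REJECT", "no policy matched"  # fallback chosen for this sketch

if __name__ == "__main__":
    # Web traffic from a local PC to the Internet, policy zone as posted.
    print(verdict(POLICY, RULES, "loc", "net", "tcp", 80))
    # Same request with the policy source written with the rules' zone name.
    print(verdict(POLICY.replace("local", "loc"), RULES, "loc", "net", "tcp", 80))
    # The tcp/80 rule only covers connections to the firewall itself.
    print(verdict(POLICY, RULES, "loc", "fw", "tcp", 80))
```

In this model the `loc fw tcp 80` rule never applies to forwarded web traffic, so a browser on a local PC depends entirely on a policy line whose source zone matches the zone name used in the rules.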