On 07/12/02 00:39 +0530, Jiju Thomas Mathew thus spake: > between an ADSL (cable) modem and a DLink 24 port switch. Messengers are > now connecting through http proxy. previously this box was running RH 6.2 > and the ipchains -P forward -j MASQ would enable this. But I cannot make > IPTables understand this. And my major problem is that they frequently use
iptables -t nat -A POSTROUTING -s 192.168.254.0/255.255.255.0 -o ppp0 -j MASQUERADE Replace the -s parameter values with your network. > dialup and what I have done is rewrite the default gateway whenever the > dialup is connected (ip-up.local) and rewrite the gateway on > disconnection(ip-down.local), so I will need the ip forwarding to work in > this condition too. I am not bothered about the security since the ISP has in /etc/sysctl.conf: net.ipv4.ip_forward = 1 If you are only providing HTTP proxy net access using squid, you wont need any of the two configs above though. > blocked all service ports in their firewall side, so I am pretty sure that > no one can even run a port scan on the said machine. You might need the firewall to protect yourself from other customers of your ISP who are in the same side of the ISP firewall as you are. - Sandip -- -------------------------------------------------------- Sandip Bhattacharya sandipb <@> bigfoot.com http://www.sandipb.net GPG/PGP: 0x08EB637C -------------------------------------------------------- ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ linux-india-help mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/linux-india-help
