Linux firewall

Darin Willits Tue, 12 Oct 1999 11:44:29 -0700
Hello all,

    I am trying to configure a Linux firewall to provide internet access to
a group of Win95 machines using using only one valid ip address with the
rest being masqeraded.  I have this working successfully except for the
following.  I have a Linux server living behind the firewall with a masq'ed
ip that I would like to be able to access from the internet.  It will be
running such services as ftp, http, and cvs.

    I would like to forward reqests for certain ports on the
gateway/firewall box to the server box on the internal private lan.  I have
read all of the how-to's that I can find on the subject but have yet to find
the problem with the following very simple script that I use to test this
setup.

    Can anyone see anything obvious that I am missing?

    Are there any resources for ipchains or better yet ipmasqadm that I am
missing?


Note: I have changed all of the relavant ip's to protect the inocent

#!/bin/sh
#----------------------------------------------
# Simple Firewall implementaion
#
# ---------------------------------------------
echo " - Flushing all chains - "

ipchains -F input
ipchains -F forward
ipchains -F output

echo " - Enabling forwarding from internal to external -"
ipchains -A forward -s 192.168.32.0/24 -j MASQ

echo " - Enabling ip masqaurading -"
ipmasqadm portfw -f
ipmasqadm portfw -a -P tcp -L 209.192.1.1 80 -R 192.168.32.6 80





eth0      Link encap:Ethernet  HWaddr 00:20:35:D4:39:D1
          inet addr:209.192.1.1 Bcast:209.192.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING  MTU:1500  Metric:1
          RX packets:69737 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3303 errors:0 dropped:0 overruns:0 carrier:0
          collisions:3 txqueuelen:100
          Interrupt:10 Base address:0x240

eth1      Link encap:Ethernet  HWaddr 10:00:5A:BD:56:E4
          inet addr:192.168.32.1  Bcast:192.168.32.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:5627 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3682 errors:0 dropped:0 overruns:0 carrier:0
          collisions:1 txqueuelen:100
          Interrupt:3 Base address:0x300

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:3924  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0


Thank you for all of your help,

Darin Willits

-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
Linux firewall

Reply via email to
