[Masq] ipchains problems (I think)

Sun, 18 Apr 1999 08:46:40 -0700 


I'm running linux gateway box using slack 4.0 (beta) and kernel 2.2.5, and
all of the workstations are win98 boxes.  I can't get any of the
workstations to see the internet.  Here's the stuff that's applicable.  If
you need any other info, let me know, and thanks in aadvance.


1) eth0 is the external NIC, eth1 is the internal NIC

2) All of the internal boxes can ping to the gateway box, and the gateway
box can ping all of the internal boxes.

3) The gateway box can ping external boxes, and external boxes can ping the
gateway box.

4) My routing table looks like this (netstat -rn):

   Kernel IP routing table
   Destination  Gateway    Genmask        Flags  MSS  Window  irtt  Iface
   24.4.70.0    0.0.0.0    255.255.255.0  U        0  0          0  eth0
   10.10.0.0    0.0.0.0    255.255.255.0  U        0  0          0  eth1
   127.0.0.0    0.0.0.0    255.0.0.0      U        0  0          0  lo
   0.0.0.0      24.4.70.1  0.0.0.0        UG       0  0          0  eth0

5) The applicable contents of rc.local file are:

   ipchains -P forward DENY
   ipchains -A forward -j MASQ -s 10.10.0.1/32 -d 0.0.0.0/0
   ipchains -A forward -j MASQ -s 10.10.0.2/32 -d 0.0.0.0/0
   ipchains -A forward -j MASQ -s 10.10.0.3/32 -d 0.0.0.0/0

6) Using ipchains -L shows me this:

   Chain input (policy ACCEPT)
   Chain forward (policy ACCEPT)
   target  prot  opt      source   destination   ports
   MASQ    all   ------   john     anywhere      n/a
   MASQ    all   ------   sluggo   anywhere      n/a
   MASQ    all   ------   kathy    anywhere      n/a

7) Using ipchains -M -L shows me this (and this kind of bothers me since I
think there should be some entries here):

   IP masquerading entries

8) I have configured the kerenel as follows:

   CONFIG_EXPERIMENTAL=y
   CONFIG_FIREWALL=y
   CONFIG_ROUTE_NAT=y
   CONFIG_IP_FIREWALL=y
   CONFIG_IP_ALWAYS_DEFRAG=y
   CONFIG_IP_MASQUERADE=y
   CONFIG_IP_MASQUERADE_ICMP=y
   CONFIG_IP_MASQUERADE_MOD=y
   CONFIG_IP_MASQUERADE_ROUTER=y



/*===================================================*/
 There are three types of lies...
   lies ("You'll never need more than 64K"),
   damn lies ("Windows is more stable than Linux"), and
   press releases ("It will be released as scheduled").

 John Simmons (Redneck Techno-Biker)               
 http://www.members.home.net/jms1/index.html

 John Simmons (Barbarian Diecast Collector)
 http://www.members.home.net/jsimm/diecast_index.html
/*===================================================*/



_______________________________________________
Masq maillist  -  [EMAIL PROTECTED]
http://tiffany.indyramp.com/mailman/listinfo/masq
Admin requests can be handled by web (above) or [EMAIL PROTECTED]

Reply via email to