/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! */

When I use the chains to go out, ping, traceroute, telnet, ftp, etc. everything works. However, I need to plug a gateway through the firewall to mail and web servers inside my 10.x.x.x domain.

I have a Linux 2.2.12 box running ipchains 2.3.8 as a firewall. I have set all the required stuff in the kernel (IP_Masq, IP_defrag, Router, etc.) when I compiled it and the correct things showed up in /proc.

Here's a snip of my firewall script:

=================================================
# /etc/rc.d/init.d/firewall

# Load the needed modules for masq-ing
insmod ip_masq_ftp

# Enable HTTP transparent Proxy to Squid server
ipchains -A input -p tcp -s 10.1.0.0/22 -d 0/0 80 -l -j REDIRECT 8080

# Enable HTTP access to internal web server
ipchains -A forward -p tcp -s $PUBLIC_IP/24 80 -l -j MASQ

# Enable SMTP service to mail server
ipchains -A forward -p tcp -s $PUBLIC_IP/24 smtp -l -j MASQ

# Enable POP3 service to mail server
ipchains -A forward -s $PUBLIC_IP/24 -p 110 -l -j MASQ

# Load the port forwarder and rules
ipmasqadm portfw -a -P tcp -L $PUBLIC_IP 80 -R 10.1.1.1 80
ipmasqadm portfw -a -P tcp -L $PUBLIC_IP 25 -R 10.1.1.20 25
ipmasqadm portfw -a -P tcp -L $PUBLIC_IP 110 -R 10.1.1.20 110
===================================================

When I telnet to the box, I get a time out error. If I run tcpdump, I see the traffic coming in with nothing going out. Input, forward and output chain counters show zero packets.

Any ideas?

-Paul Weber
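
Added example, not part of the original post: a small lint pass over the ipchains rules quoted above. In ipchains the argument to -p is a protocol name or number, and a port is written after the -s or -d address. The names lint_rule and lint_script are hypothetical helpers, and the check covers only these two points of rule syntax.

```python
import shlex

PORT_PROTOCOLS = {"tcp", "udp", "6", "17"}        # rules that may carry ports
KNOWN_PROTOCOLS = PORT_PROTOCOLS | {"icmp", "1", "all"}

# The four ipchains rules from the post, copied unchanged.
PAGE_RULES = """\
ipchains -A input -p tcp -s 10.1.0.0/22 -d 0/0 80 -l -j REDIRECT 8080
ipchains -A forward -p tcp -s $PUBLIC_IP/24 80 -l -j MASQ
ipchains -A forward -p tcp -s $PUBLIC_IP/24 smtp -l -j MASQ
ipchains -A forward -s $PUBLIC_IP/24 -p 110 -l -j MASQ
"""

def lint_rule(line):
    """Return warnings for one ipchains command line (hypothetical helper)."""
    tokens = [t for t in shlex.split(line, comments=True) if t != "!"]
    if not tokens or tokens[0] != "ipchains":
        return []
    proto, has_port, i = None, False, 1
    while i < len(tokens):
        if tokens[i] == "-p" and i + 1 < len(tokens):
            proto = tokens[i + 1].lower()
            i += 2
        elif tokens[i] in ("-s", "-d") and i + 1 < len(tokens):
            i += 2                                 # skip the address/mask
            if i < len(tokens) and not tokens[i].startswith("-"):
                has_port = True                    # trailing token is a port
                i += 1
        else:
            i += 1
    warnings = []
    if proto and proto.isdigit() and proto not in KNOWN_PROTOCOLS:
        warnings.append(f"-p {proto} is IP protocol number {proto}, not port {proto}")
    if has_port and proto not in PORT_PROTOCOLS | {"icmp", "1"}:
        warnings.append("port given without -p tcp or -p udp")
    return warnings

def lint_script(text):
    """Return (line number, warning) pairs for every rule in a script."""
    return [(n, w) for n, line in enumerate(text.splitlines(), 1)
            for w in lint_rule(line)]

if __name__ == "__main__":
    for n, w in lint_script(PAGE_RULES):
        print(f"rule {n}: {w}")
```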
