I see at least a couple of things wrong with the script:

> /sbin/ipfwadm -F -a m -S 192.168.1.0/24 -D 0.0.0.0/0

first of all, this line will (imho) masquerade *anything* coming in from
192.168.1.* - anything after this will usually only reject specific
services. correct me if i am wrong =) but afaik you should need nothing
after this for "standard" services like www and news. at least that's the
way it worked for me :)
 
> # Forward DNS traffic
> /sbin/ipfwadm -F -a masquerate -b -P udp -S 0.0.0.0/0 53 -D 192.168.1.0/24
                              ^
typo.. plus, i don't understand this line. it should be unnecessary.
 
> # Forward News
> /sbin/ipfwadm -F -a accept -b -P tcp -S 192.168.1.0/24 1024:65535 -D
> 0.0.0.0/0 119
> /sbin/ipfwadm -F -a accept -b -P tcp -S 0.0.0.0/0 119 -D 192.168.1.0/0
                                                                       ^
> 1024:65535

A netmask of 0 ( = 0.0.0.0 ) will match everything, this is therefore
identical to 0.0.0.0/0 - you probably want /24 there, but i still don't see
why this is necessary. Especially not on all ports >1023.

Seriously, I don't think you need any of these lines, except the first
one.

Oh yeah, and the news server should be your isp's, not your masq box.

Regards,
Pete
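
An added example, not part of the original message: a small Python linter run over the rules quoted in this thread (wrapped lines joined), flagging the misspelled policy and the /0 netmask that collapses to 0.0.0.0/0. The set of accepted policy names and the function names `lint_rule` and `lint` are assumptions of this example.

```python
import ipaddress
import shlex

# Assumption of this example: the policy names ipfwadm accepts after -a.
# "m" and "accept" appear in the thread; the others are the usual ipfwadm names.
KNOWN_POLICIES = {"accept", "deny", "reject", "masquerade", "m"}

# Constructed sample: the rules quoted in the thread, with wrapped lines joined.
RULES = """\
/sbin/ipfwadm -F -a m -S 192.168.1.0/24 -D 0.0.0.0/0
/sbin/ipfwadm -F -a masquerate -b -P udp -S 0.0.0.0/0 53 -D 192.168.1.0/24
/sbin/ipfwadm -F -a accept -b -P tcp -S 192.168.1.0/24 1024:65535 -D 0.0.0.0/0 119
/sbin/ipfwadm -F -a accept -b -P tcp -S 0.0.0.0/0 119 -D 192.168.1.0/0 1024:65535
"""

def lint_rule(line):
    """Return a list of findings for one 'ipfwadm -F -a ...' rule."""
    findings = []
    args = shlex.split(line)
    for i, arg in enumerate(args[:-1]):
        value = args[i + 1]
        if arg == "-a" and value not in KNOWN_POLICIES:
            findings.append(f"unknown policy '{value}'")
        elif arg in ("-S", "-D"):
            # strict=False masks off the host bits, as a packet filter does
            # when it applies the netmask before comparing addresses.
            net = ipaddress.ip_network(value, strict=False)
            addr = value.split("/")[0]
            if net.prefixlen == 0 and addr != "0.0.0.0":
                findings.append(
                    f"{arg} {value} is equivalent to {net} (matches every address)")
    return findings

def lint(text):
    """Map 1-based rule number -> findings, for rules that have any."""
    report = {}
    for n, line in enumerate(text.splitlines(), 1):
        found = lint_rule(line)
        if found:
            report[n] = found
    return report

if __name__ == "__main__":
    for n, found in lint(RULES).items():
        for finding in found:
            print(f"rule {n}: {finding}")
```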
