What is your connection??? When I had dialup.. I created files in /etc/ppp called:
ip-up.local and ip-down.local Those files are automatically run when the connection goes up or down.. in ip-up.local I put this line: /etc/firewall/gShield.rc That brings the firewall up when the connection goes up. if you have cable or dsl.. you can put it at the end of the file /etc/rc.d/rc.local which will bring it up at the end of the boot process. I have it in both because I use pppoe for my ADSL... can't hurt any for you to do the same.. been running it this way for years now with no problems.. Doesn't gSheild just rule??? :-) I've never seen the GUI config.. whats it like???? rgds Frank -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of magnet Sent: Tuesday, 3 December 2002 8:54 PM To: [EMAIL PROTECTED] Subject: Re: [newbie] internet sharing help needed Hi Franki, It was late and I was getting tired when I tried it last. You are, of course correct about gShield just being a script. I was getting confused with the tar file configuration GUI that is an optional extra, which has to be made. Anyway, here is a brief "what I did" for anyone else reading this. Got the GUI to compile and install >AFTER< placing gShield scripts in /etc/firewall and editing gShield.conf file to suit my IP ranges. Fired it up and amazing... it started to work right away :) Now... last few questions for this query... Can I now uninstall shorewall from this machine. it isnt running anyway and I don't ever plan to use it EVER again after the last few weeks of grief it has caused me? ;-) How do get the gShield.rc script to be executed on booting the machine rather than opening up a console as su and typing /etc/firewall/gShield.rc each time? regards magnet ===================================================== On Tuesday 03 Dec 2002 6:19 am, Franki wrote: > There is no compilation of gShield.. its just shell scripts.. > > just download the tarball from their site.. uncompress it (if you have > midnight commander you can just press enter over the tarball to enter it > and just copy the stuff into /etc/firewall with F5. if you don't have mc.. > you should, urpmi mc) > , and dump the lot in /etc/firewall then have a look in > /etc/firewall/gShield.conf > > Possibly the best config file I have seen for simplicity.. it tells you the > options you can use, and the defaults are most often correct.. > > The ICS is in that config file.. select MULTI=YES, and further down NAT=YES > > then make sure that the network address in /etc/firewall/NATS matches your > internal network.. (ie 192.168.0.0, 10.0.0.x etc) > > thats it... when gSheild is fired up, you'll have NAT,, nothing to it. > > repeat, THERE IS NO COMPILATION WITH gShield. > > rgds > > Franki > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of magnet > Sent: Tuesday, 3 December 2002 9:39 AM > To: [EMAIL PROTECTED] > Subject: Re: [newbie] internet sharing help needed > > On Tuesday 03 Dec 2002 1:07 am, Brian Parish wrote: > > On Tue, 2002-12-03 at 01:59, magnet wrote: > > > Hi all, > > > Well back from the dead once again after another fresh install > > > following a lost battle trying to get a firewall installed and working, > > > damn that shorewall! > > > > > > Machine is running mdk 9.0. So here is my question... How do I manually > > > configure my main machine to share it's modem connection to the other 5 > > > machines on my LAN? > > > > > > This is my /etc/sysconfig/network file: > > > > > > NETWORKING=yes > > > FORWARD_IPV4=true > > > HOSTNAME=linux1.local.net > > > DOMAINNAME=local.net > > > GATEWAY=192.168.0.1 > > > GATEWAYDEV=ppp0 > > > > > > The other machines are all using the 192.168.0.xxx range and all point > > to > > > > 192.168.0.1 as the gateway they should be using. > > > > > > I do NOT want to use the control centre because it demands installing > > > shorewall, which has been the biggest problem of all here causing no > > > end of trouble with blocked ports, breaking samba and ftp. I simple > > > hate it and the documentation isn't simple enough for me to understand > > > how to write iptables rules yet to achieve a fully secure machine. > > > > > > Hope some of you will take the time to offer some advice on this. > > > > > > regards > > > magnet > > > > I too gave up on shorewall. Grab gShield. Every feature you could wish > > for. Configured with a single simple conf file. > > You be up an sharing in about 2 minutes - 5 if you read the fine print. > > > > HTH > > Brian > > Cheers Brian, but I tried the mandrake rpm files which failed, and then > tried > to compile gShield from source which also didn't go too well. Can you > explain > how you set your ICS up please. > My current situation is shorewall is installed (by default as soon as I > used MCC to enable internet sharing) but it set to not start up at boot in > services. > > Did you uninstall shorewall completely and not use MCC to set-up/enable ICS > and just depend on gShield to get the results you were after? > > If I enable it, then this system changes my static IP from the required > 192.168.0.1 to 192.168.1.1. This then throws out the rest of the network > for all the other stuff I am running (samba,ftp). Even though shorewall > isn't running right now, it has killed proftpd, which cannot determine the > IP of this machine and refuses to now start, even though ifconf confirms > the IP to be 192.168.0.1. Squid also now complains on shutdown producing > errors,although this doesn't seem to affect the machine's ability to > reboot. > > regards > magnet
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
