i know this is not the solution you are after but.... get yourself a router (in my case a speedtouch 510 - 4 port - NOT usb) share connection with the router..... dump shorewall the end
On Sunday 07 Mar 2004 H:02, Klemens Arro wrote: > Derek Jennings wrote: > >On Friday 05 Mar 2004 22:45, Klemens Arro wrote: > >SNIP > > > >>>>Thanks, but it didn't help, shorewall started but I still can't share > >>>> my ADSL. > >>>>As for the question, no I didn't put it there, Mandrake Controll Center > >>>>internet connection sharing tool put it there. > >>>> > >>>>Here is /etc/shorewall/interfaces: > >>>> > >>>>#ZONE INTERFACE BROADCAST OPTIONS > >>>>net ppp+ detect > >>>>loc eth0 detect > >>>>#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE > >> > >>/etc/shorewall/zones: > >> > >>#ZONE DISPLAY COMMENTS > >>net Net Internet zone > >>loc Local Local > >>#LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE > >> > >>/etc/shorewall/policy: > >> > >># THE FOLLOWING POLICY MUST BE LAST > >># > >>loc net ACCEPT > >>fw net ACCEPT > >>net all DROP info > >>all all REJECT info > >>#LAST LINE -- DO NOT REMOVE > >> > >>/etc/shorewall/rules: > >> > >># PORT PORT(S) > >>DEST LIMIT > > > >Nothing to do with your Internet sharing but you should remove these 2 > > lines > > > >>ACCEPT net fw udp 137,138,139 - > >>ACCEPT net fw tcp 137,138,139 - > > > >If these lines are present, and you are running Samba (Windows > > networking), then anyone on the internet could access your Samba file > > shares. > > > >>ACCEPT loc fw udp 137,138,139 - > > > >Again nothing to do with your problem, but if you want to add any other > >features to your Linux box you should open up the appropriate port here. > >Ports you might like to open are :- > >22 - ssh service > >631 - CUPS print server > >10000 - Webmin configuration > > > >>ACCEPT loc fw tcp 137,138,139 - > > > >This line has nothing to do with Internet sharing. I do not know how it > > got in, but I suggest you remove it. > > > >>REDIRECT loc 3128 tcp www - > >> > >> > >> > >> > >> > >> > >>ACCEPT fw net tcp www > >>#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE > >> > >>/etc/shorewall/masq: > > > >You only need one of these lines. The other can be removed. > > > >>ppp+ 192.168.0.0/255.255.255.0 > >>ppp+ 192.168.0.0/255.255.255.0 > > > >I assume your internal ethernet is on the 192.168.0.0 subnet? > > > >None of the comments I have made above would stop shorewall from working, > > and you say that shorewall now starts, so it looks as if Internet sharing > > is actually working. > > > >Your problem may be that you have not configured the Windows clients > >correctly. If you have not started a DHCP server on the Linux box (to > >allocate IP addresses to the Windows machines), then you should be using > >static addressing on the Windows clients. (IP addresses manually > > configured) You should also configure the Windows clients to use the > > Linux box as the "Default Gateway", and you should enter the IP addresses > > of your ISPs DNS servers in the DNS configuration of your Windows > > clients. > > > >BTW: By default shorewall inhibits 'ping' so do not be surprised if you > > cannot ping the Linux box from your Windows clients. > > > >HTH > > > >derek > > Yes, my internal ethernet subnet is 192.168.0.0. > I configured windows but it didn't help, I even allowed pinging (from > MCC) but i still can't ping my box. > And "dhcpd" daemon is running and is configured (with DHCP configuration > wizard). > I liked to get it work like mdk 9.x had (DHCP auto configuring windows). > > Actually whole MCC firewall and internet connecting is weird: first > button "Internet connection" is always empty, even if i fill there > something and I click "ok", next time it is empty again. second button > "manage connection" don't show my Internet access (ppp+). third, always > after changing firewall rules it asks me my Internet connection (there > is written, if adsl, put ppp+) but there is list only (i can't change > it) and no ppp+, only eth0 and eth1 (so I have used always eth0, this is > connected to ADSL modem). > > (Sorry about my bad English skills ;))
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
