I just went through exactly what you are going through now. First thing to
do is check out this whoop ass page on LinuxNewbie.org
http://www.linuxnewbie.org/nhf/intel/network/ipchains2.html
The template that they give is your basic rc.firewall file and I have seen
umptine times on linux boxes since than. Weird thing is ...there is already
a rc.firewall installed on my linux Box with this text in it.
<interlude>
############################################################################
###############
######### Mandrake-Security : if you remove this comment, remove the next
line too.
echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter
############################################################################
#########
I was wondering if anyone knew exaclty what that did since we are on the
subject.
</interlude>
They give you a simple break down to get it working. If you don't feel like
farting around with another "walk-through" (although its damn good) try
typing this at the command prompt for generic purposes...just to see if you
can get it working with your machine as is.
#echo "1"/proc/sys/net/ipv4/ip_forward <-------This will enable IP
forwarding.
#ipchains -P forward DENY <---------- ?
#ipchains -A forward -s 192.168.0.0/24 -j MASQ <--------------- ?
This will not make the ipchains perm but its good for testing the concept
and to see if you machine is capable as is...instead of having to recompile
and all that....
ALthough I do not fully understand all of the options that can be applied
with IP chains...I have been working on this for about 3 weeks, and finally
got it working on MOnday. Its all I have been working on since than.
I am guessing that your "router/gateway/firewall/buffass linux box" is
sitting at 192.168.0.1 and you have assigned fake IP's to your Win98 boxes
like 192.168.0.2+
If you have any more questions about this feel free to pass them back..I am
still working with it, and it would be great to have a few more people
working on it with me...like that whole OPen Source thing we hear about all
the time...
hehehhhe
Kat
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 11, 2000 9:23 AM
To: [EMAIL PROTECTED]
Subject: [newbie] ip chains (newbie confusion)
I have been setting up a samba server with adsl connected
to several win98 boxes. I was told that to share the dsl
connection all I had to do was set up IP chains. I then
downloaded the current ip chains howto and am now completely
lost. I read the first 4 chapters right up to where you set
up the win98 boxes. Do I have to recompile the Kernel (I
have never done this before); I am running mandrake 7.02.
I was assuming that the IP chains was already built in. Is
there a easy way to set it up. I don't mind recompiling but
could use any suggestions or help that anyone could put
forward.
Thanx in advance
Mike
....................................
Get your own free email account from
http://www.popmail.com
