Hi everyone,

I spent the past 2 days (almost) reading about how to set IP masquerading,
iptables, ipchains, setting NFS, etc., just to be able to put my hands on
the problem of why my w2k machine can't ping the Linux machine (both on a LAN
where the Linux machine has 2 eth cards, one IP for the external network (internet
with a static IP) and the other eth for the local network with IP 192.168.0.1),
to hopefully fix this ping issue, so FINALLY I'd be able to share my files
between the 2 machines!!!!

Needless to say, I couldn't come up with the fix :(
Now I desperately need some expert here (or non-expert) to answer my
following question, PLEASE :(

During a "thorough" investigation of the files on my LM 8.1 system, which I set
up as a router for my home LAN (I set up the internet sharing and networking
stuff, etc. using Mandrake Control Center),
I found that there are the following files on my LM 8.1 system:

/etc/Bastille/bastille-firewall.cfg

I'll list the relevant contents of this file (only uncommented lines):

DNS_SERVERS="205.177.x.x 205.177.x.x "

TRUSTED_IFACES="lo"                                    
PUBLIC_IFACES="eth+ ppp+ slip+"                
INTERNAL_IFACES=""

TCP_AUDIT_SERVICES="telnet ftp imap pop3 finger sunrpc exec login linuxconf sh"
UDP_AUDIT_SERVICES="31337"
ICMP_AUDIT_TYPES=""

TCP_PUBLIC_SERVICES="22 25 109 110 143 23 53"    # MINIMAL/SAFEST
UDP_PUBLIC_SERVICES="53"                                        
TCP_INTERNAL_SERVICES=""                                
UDP_INTERNAL_SERVICES=""

FORCE_PASV_FTP="N"

TCP_BLOCKED_SERVICES="6000:6020"
UDP_BLOCKED_SERVICES="2049"
ICMP_ALLOWED_TYPES="destination-unreachable echo-reply time-exceeded"

IP_MASQ_NETWORK=""                                       
IP_MASQ_MODULES=""
REJECT_METHOD="DENY"

DHCP_IFACES=""

NTP_SERVERS=""                         
ICMP_OUTBOUND_DISABLED_TYPES="destination-unreachable time-exceeded"

DROP_SMB_NAT_BCAST="Y"
-----------------------------------------

and this file:
/etc/rc.d/rc.firewall  ===> which has the following content:

# Automatically added by drakgw
[ -x /etc/rc.d/rc.firewall.inet_sharing ] && /etc/rc.d/rc.firewall.inet_sharing

# Mandrake-Security : if you remove this comment, remove the next line too.
echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter
-----------------------------------------

And another file:

/etc/rc.d/rc.firewall.inet_sharing-2.4, which has the following content:
#!/bin/sh
modprobe iptable_nat
echo 1 > /proc/sys/net/ipv4/ip_forward
/sbin/iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j MASQUERADE
/sbin/iptables -A FORWARD -s 192.168.0.0/24 -j ACCEPT
/sbin/iptables -A INPUT -i eth2 -p udp --sport bootpc --dport bootps -j ACCEPT
/sbin/iptables -A INPUT -i eth2 -p tcp --sport bootpc --dport bootps -j ACCEPT
/sbin/iptables -A INPUT -i eth2 -p udp --sport bootps --dport bootpc -j ACCEPT
/sbin/iptables -A INPUT -i eth2 -p tcp --sport bootps --dport bootpc -j ACCEPT
/sbin/iptables -A INPUT -i eth2 -p udp --dport domain -j ACCEPT
/sbin/iptables -A INPUT -i eth2 -p tcp --dport domain -j ACCEPT


I tried applying some changes to the preceding files, and it resulted in
either no changes or breaking the connection sharing.

If somebody can tell me what exactly I should change, or even how this
connection sharing / Bastille firewall basically work together to support the
internet sharing and routing thing... as the more I read in the how-tos, the
more lost I feel, as nothing seems to be as they describe in these how-tos.

Any help would be appreciated, as I'm totally lost here.

Regards.

---------------------
Hanan AL-Shargi

