RE: Please help with IP Masquerading

Mon, 18 Mar 2002 18:10:42 -0800 

Yes, make sure ipchains is loaded,

#insmod ipchains.o {enter}

#ipchains -L  to see if chaines is loaded

Make sure your MASQ is loaded before the rest of your firewall rules are
loaded

echo 1 > /proc/sys/net/ipv4/ip_forward
ipchains -A forward -i ppp0 -s 192.168.0.0/24 -j MASQ


ipchains -A input -i eth0 -j ACCEPT
ipchains -A input -i lo -s 127.0.0.0/8 -d 127.0.0.0/8 -j ACCEPT

ipchains -A input -i ppp0 -p udp -s 0/0 67 -d 0/0 68 -j ACCEPT

ipchains -A input -i ppp0 -p udp -s 0/0 53 -d 0/0 1024:65535 -j ACCEPT
ipchains -A input -i ppp0 -p udp -s 0/0 -d 0/0 1024:65535 -j ACCEPT
ipchains -A input -i ppp0 -p udp -s 0/0 53 -d 0/0 1024:65535 -j ACCEPT

ipchains -A input -i ppp0 –s 172.16.0.0./12  -j DENY –log
ipchains -A input -i ppp0 –s 10.0.0.0/8  -j DENY –log
ipchains -A input -i ppp0 –s 192.168.0.0/16 -j DENY --log

ipchains -A input -i ppp0 -p tcp -d 0/0 0:1024 -j DENY --log
ipchains -A input -i ppp0 -p udp -d 0/0 0:1024 -j DENY --log

ipchains -A input -i ppp0 -p udp -d 0/0 2049 -j DENY --log
ipchains -A input -i ppp0 -p tcp -d 0/0 2049 -j DENY --log
ipchains -A input -i ppp0 -p tcp -d 0/0 32768 -j DENY --log
ipchains -A input -i ppp0 -p tcp -d 0/0 32769 -j DENY --log
ipchains -A input -i ppp0 -p tcp -d 0/0 1000 -j DENY --log
ipchains -A input -i ppp0 -p tcp -d 0/0 3000 -j DENY  --log
ipchains -A input -i ppp0 -p tcp -d 0/0 8080 -j DENY --log


ipchains -A input -i ppp0 -p tcp ! --syn -j ACCEPT

ipchains -A input -i ppp0 -s 224.0.0.0/3 -j DENY
ipchains -A input -i ppp0 -d 224.0.0.0/3 -j DENY
ipchains -A input -i ppp0 -s 224.0.1.40/3 -j DENY
ipchains -A input -i ppp0 -d 224.0.1.40/3 -j DENY

ipchains -A input -i ppp0 -p udp --dport 6000:6010 -j DENY --log
ipchains -A input -i ppp0 -p tcp --dport 6000:6010 -j DENY --log

ipchains -A input -i ppp0 -p udp --dport 1024: -j ACCEPT

ipchains -A input -i ppp0 -p icmp -j DENY

ipchains -A output -i ppp0 -d 192.168.0.0/24 -j REJECT




Then goto this site for more info on this subject

http://members.optushome.com.au/pengu/IPChains/ipchains.html

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Edward Dekkers
Sent: Monday, March 18, 2002 6:18 PM
To: [EMAIL PROTECTED]
Subject: Re: Please help with IP Masquerading


This always worked fine on my old machine, but I get alot of errors during
boot on the new machine during run of rc.d.  The error messages fly by so
fast I can't read them.  IP masquerading does not work on the new machine.

Please help.

Thanks,
Bill

---

Is ipchains even installed?

btw. You it may be an idea to switch to iptables any way, as this appears to
be the future.

Regards,
Ed.




_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list



_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Reply via email to