Re: [[newbie] IPCHAINS/MASQ/FORWARDING]
Mike Fieschko [EMAIL PROTECTED] wrote: "Jaguar" == Jaguar [EMAIL PROTECTED] writes: Jaguar I wrote to the list a few days ago, asking for some Jaguar help...the _ONLY_ reply I got was, RTFM...well I have Jaguar RTFM's till I am more confused. I wanted to know if in Jaguar MDK7.02, IPV4 is compiled in the default install kerenl, Jaguar or if I have to recompile with IPV4 enabled??? How [snip] Is there a directory /proc/sys/net/ipv4 on your box? If yes, what's in it? What are the files' contents? Have you checked what the defaults are when you try to compile a kernel? yes there is a /proc/sys/net/ipv4 it has DIRS for /conf /neigh /route, and a buncha other files no I didn't compile a kernel There are many options for IP, and experimental support for IPv6. What specifically are you looking for with IPv4 I want to share my cable modem with 3 other Win boxes and use Linux as a firewall/proxy JaguarI have run the /proc/(something's??)/ip_chains, and got JaguarPERMISSION DENIED and yes as ROOT. I don't understand this. What command did you run? Doing 'find /proc/ -name ip_chains' on my machine returns no matches. Were you doing 'echo 1 /proc/sys/net/ipv4/ip_forward' ? yes it gave a PERMISSION DENIED -- Mike Fieschko, West Orange, NJ, USA X-Mailer: VM 6.75 under 21.1.8 XEmacs and random-sig.el Kernel 2.2.15-0.16mdk http://www.viconet.com/fieschko/home.htm Mar 26 St Margaret Clitherow "It is terrible to contemplate how few politicians are hanged." - [G.K. Chesterton, in The Cleveland Press, 3/1/21] Get your own FREE, personal Netscape WebMail account today at http://webmail.netscape.com.
Re: [[newbie] IPCHAINS/MASQ/FORWARDING]
"Jaguar" == Jaguar [EMAIL PROTECTED] writes: [snip] Jaguar yes there is a /proc/sys/net/ipv4 it has DIRS for /conf Jaguar /neigh /route, and a buncha other files no I didn't Jaguar compile a kernel There are many options for IP, and experimental support for IPv6. What specifically are you looking for with IPv4 Jaguar I want to share my cable modem with 3 other Win boxes and Jaguar use Linux as a firewall/proxy There ought to be a how-to on this, because so many people with high speed connections ask about it. You need to set up ip masquerading, as you already know. You need the MS Win boxes to be talking tcp/ip, as you know. For cable modem sharing: http://www.cablemodeminfo.com/cablesharing.html (I found that site from among the matches returned by http://www.google.com/linux , searching on "cable modem sharing". Take a look at http://www.enteract.com/~lspitz/linux.html (the Preparing your linux box for the Internet site [security]) and the ipchains-howto, which ought to be on your box. I have some links to scripts and other things at http://www.viconet.com/fieschko/linux_security.htm. Unless the modules are already loaded, you'll need to modprobe them: echo 1 /proc/sys/net/ipv4/ip_forward /sbin/modprobe ip_masq_autofw /sbin/modprobe ip_masq_cuseeme /sbin/modprobe ip_masq_ftp /sbin/modprobe ip_masq_irc /sbin/modprobe ip_masq_mfw /sbin/modprobe ip_masq_portfw /sbin/modprobe ip_masq_quake /sbin/modprobe ip_masq_raudio /sbin/modprobe ip_masq_user /sbin/modprobe ip_masq_vdolive (This is probably excessive.) Jaguar I have run the /proc/(something's??)/ip_chains, and got Jaguar PERMISSION DENIED and yes as ROOT. I don't understand this. What command did you run? Doing 'find /proc/ -name ip_chains' on my machine returns no matches. Were you doing 'echo 1 /proc/sys/net/ipv4/ip_forward' ? Jaguar yes it gave a PERMISSION DENIED Bizarre. On my box /proc/sys/net/ipv4/ip_forward is owned by root in group root, and for ip masquerading, I have to do 'echo 1 /proc/sys/net/ipv4/ip_forward' as root, and it works. If I do it as non-root, I get 'bash: /proc/sys/net/ipv4/ip_forward: Permission denied' -- Mike Fieschko, West Orange, NJ, USA X-Mailer: VM 6.75 under 21.1.8 XEmacs and random-sig.el Kernel 2.2.15-0.17mdk http://www.viconet.com/fieschko/home.htm Mar 27 St John Damascene "Blasphemy is an artistic effect, because blasphemy depends upon a philosophic conviction. Blasphemy depends upon belief and is fading with it. If any one doubts this, let him sit down seriously and try to think blasphemous thoughts about Thor. I think his family will find him at the end of the day in a state of some exhaustion." [G.K. Chesterton, in Heretics]
[newbie] IPCHAINS/MASQ/FORWARDING
"Jaguar" == Jaguar [EMAIL PROTECTED] writes: Jaguar I wrote to the list a few days ago, asking for some Jaguar help...the _ONLY_ reply I got was, RTFM...well I have Jaguar RTFM's till I am more confused. I wanted to know if in Jaguar MDK7.02, IPV4 is compiled in the default install kerenl, Jaguar or if I have to recompile with IPV4 enabled??? How [snip] Is there a directory /proc/sys/net/ipv4 on your box? If yes, what's in it? What are the files' contents? Have you checked what the defaults are when you try to compile a kernel? There are many options for IP, and experimental support for IPv6. What specifically are you looking for with IPv4 JaguarI have run the /proc/(something's??)/ip_chains, and got JaguarPERMISSION DENIED and yes as ROOT. I don't understand this. What command did you run? Doing 'find /proc/ -name ip_chains' on my machine returns no matches. Were you doing 'echo 1 /proc/sys/net/ipv4/ip_forward' ? -- Mike Fieschko, West Orange, NJ, USA X-Mailer: VM 6.75 under 21.1.8 XEmacs and random-sig.el Kernel 2.2.15-0.16mdk http://www.viconet.com/fieschko/home.htm Mar 26 St Margaret Clitherow "It is terrible to contemplate how few politicians are hanged." - [G.K. Chesterton, in The Cleveland Press, 3/1/21]
[newbie] IPCHAINS/MASQ/FORWARDING
I wrote to the list a few days ago, asking for some help...the _ONLY_ reply I got was, RTFM...well I have RTFM's till I am more confused. I wanted to know if in MDK7.02, IPV4 is compiled in the default install kerenl, or if I have to recompile with IPV4 enabled??? How pucking hard is it to tell me yes or no??? I have run the /proc/(something's??)/ip_chains, and got PERMISSION DENIED , and yes as ROOT. Is there a HOWTO posted on installing/setting up IPCHAINS for sharing a cable modem over a network? Jaguar Get your own FREE, personal Netscape WebMail account today at http://webmail.netscape.com.
Re: [newbie] IPCHAINS/MASQ/FORWARDING
Hi, Here is the VERYT END of my /etc/rc.d/rc.local entry that handles this.. /sbin/ipchains -P forward DENY /sbin/ipchains -A forward -i eth0 -j MASQ echo 1 /proc/sys/net/ipv4/ip_forward If you are getting permission denied, make sure ROOT has RW . You may need to actually create the file first by?? touch /proc/sys/net/ipv4/ip_forward I too, am using my cable mode for shared access. It may possibly be that you need to change perms on ipchains. This worked without modification on all my prev. Mandrake indstalls, but I know for whatever reason, not two setups are ever the same!! Hope this helps! Bryan Jaguar [EMAIL PROTECTED] on 03/24/2000 10:52:38 AM Please respond to [EMAIL PROTECTED] To: Linux Newbie [EMAIL PROTECTED] cc:(bcc: Bryan Moorehead/Link/Allied Holdings) Subject: [newbie] IPCHAINS/MASQ/FORWARDING I wrote to the list a few days ago, asking for some help...the _ONLY_ reply I got was, RTFM...well I have RTFM's till I am more confused. I wanted to know if in MDK7.02, IPV4 is compiled in the default install kerenl, or if I have to recompile with IPV4 enabled??? How pucking hard is it to tell me yes or no??? I have run the /proc/(something's??)/ip_chains, and got PERMISSION DENIED , and yes as ROOT. Is there a HOWTO posted on installing/setting up IPCHAINS for sharing a cable modem over a network? Jaguar Get your own FREE, personal Netscape WebMail account today at http://webmail.netscape.com.
