Hi Stan,
I have put it in the folder http://cgmd71239.chello.nl/data/ipchains/ . I think in
there are instructions included in a file after you decompressed the file fw-new.tgz
. Let me know if it's not correct. I didn't have the time to look into it if
everything is available.
Regards,
Joop.
Joop Boonen wrote:
> Dear Stan,
>
> You need to use IP chains with kernel 2.2.5. You can either rewrite the scripts
> or download them. I cant find the link right now. It was available at
> www.suse.de/~bb/.
>
> I will try to put the script on my server at http://cgmd71239.chello.nl/data/
> I'm right now quite busy. So it'll be tomorrow.
>
> I hope it's helpful. I use the ipchain scripts and i also use a cable modem. I
> have hooked a win98 computer up via the ipchain computer, linux, kernel 2.2.4. I
> need the win 98 computer because of school. :-(
>
> I hope it's helpful.
>
> Regards,
>
> Joop.
>
> Stan Koper wrote:
>
> > Hi everyone,
> >
> > I have an internal network, a cable modem (Mediaone) connection to the
> > Internet, and an AMD 5x86 machine as my firewall. I had SuSE 6.0 installed
> > with the 2.0.36 kernel, then I tried installing the 2.2.5 kernel, and had
> > some difficulty. Although ip forwarding worked for a while, I broke a few
> > things.
> >
> > The upshot was I blew away SuSE 6.0 and reinstalled it. Now I'm back to
> > square one with a lot of stuff (boy, what you forget when you don't use it).
> > I have the LINUX Complete Reference here, and a bunch of printouts on IP
> > forwarding, firewalling, using ipfwadm (as well as ipchains, but I'll deal
> > with that later).
> >
> > Here's my problem. My internal IP address is 192.168.10.x, and the
> > external NIC is 24.128.24.x When I read the IP filtering setup if ipfwadm
> > (I think this is from the "how-to"), it starts off by Denying all services.
> >
> > OK, type in: ipfwadm -F -p deny
> >
> > Then it says "flush all commands", and gives three lines with separate
> > commands. OK, I'm fine so, far, except that I wonder if flushing all
> > commands doesn't flush the "ipfwadm -F -p deny" command also. But let that
> > go.
> >
> > Here's the real problem.
> >
> > The HOW to give several lines, which I will render as given:
> >
> > # Forward email to your server
> > ifpwadm -F -a accept -b -P tcp -S 0.0.0.0/0 1024:65535 -D 192.1.2.10 25
> >
> > # Forward email connections to outside email servers
> > ipfwadm -F -a accept -b -P tcp -S 196.1.2.10 25 -D 0.0.0.0/0 1024:65535
> >
> > # Forward web connections to your Web Server
> > ipfwadm -F -a accept -b -P tcp -S 0.0.0.0/0 1024:65535 -D 196.1.2.11 80
> >
> > # Forward web connections to outside Web Server
> > ipfwadm -F -a accept -b -P tcp -S 196.1.2.* 80 -D 0.0.0.0/0 1024:65535
> >
> > #Forward DNS traffic
> > ipfwadm -F -a accept -b -P udp -S 0.0.0.0/0 53 -D 196.1.2.0/24
> >
> > OK, now as a practical matter, I want to substitute my internal NIC ip for
> > one of the above IP's, and my external NIC for another. But I get confused.
> > In the examples (and I think the author of the How-To is consistent in this
> > througout, except perhaps for typos), the IPs are too close for comfort. Do
> > I switch my 192.168.10.1 (the IP for the internal NIC on my router) for the
> > 192 address above, and my 24.128.24.x IP (external NIC) for the 196.x.x.x
> > addresses?
> >
> > And what's with 196.1.2.* ? What's that supposed to mean?
> >
> > Any assistance would be greatly appreciated.
> >
> > Stan Koper
> >
> > --
> > To get out of this list, please send email to [EMAIL PROTECTED] with
> > this text in its body: unsubscribe suse-linux-e
> > Check out the SuSE-FAQ at http://www.suse.com/Support/Doku/FAQ/ and the
> > archive at http://www.suse.com/Mailinglists/suse-linux-e/index.html
>
> --
> To get out of this list, please send email to [EMAIL PROTECTED] with
> this text in its body: unsubscribe suse-linux-e
> Check out the SuSE-FAQ at http://www.suse.com/Support/Doku/FAQ/ and the
> archive at http://www.suse.com/Mailinglists/suse-linux-e/index.html
--
To get out of this list, please send email to [EMAIL PROTECTED] with
this text in its body: unsubscribe suse-linux-e
Check out the SuSE-FAQ at http://www.suse.com/Support/Doku/FAQ/ and the
archive at http://www.suse.com/Mailinglists/suse-linux-e/index.html
