Eduardo Gargiulo wrote:
Hi all.
I have a linux box running ipchains and masquerading my inetrnal network.
I have subnet of real IP. The router is connected to the hub so the REAL subnet
is before the firewall, so I can't protect it. I'm thinking in add an eth to
the linux box and connect the router (with a cross UTP) to eth0, and connect
eth1 (with real IP) and eth2 (with masqued IP) to the hub. The question is how
configure ipchains and if it is possible to work or I have to add another tool
to my linux box to handle this configuration?
Hi all,
My configuration is:
ISP-Cable
|(xxx.xxx.xxx.129 ip)
\
\(xxx.xxx.xxx.130 ip)
LINUX-(xxx.xxx.xxx.132 ip)---------------------\
|(192.168.1.1_ip) |
| |(xxx.xxx.xxx.131 ip)
|----(192.168.1.2 ip this host uses downstream
|-----(192.168.1.3 ip)
.
.
.
\------(192.168.1.n ip)
Linux has 3 interfaces
eth0 xxx.xxx.xxx.130
eth1 xxx.xxx.xxx.131
eth2 192.168.1.1
hosts in 192.168.1.0/255.255.255.0 are masquaraded
#ipchains -A forward -s 192.168.1.0/255.255.255.0 -j MASQ
eth0 and eth1 are bridged
#ipchains -A bridgein -s xxx.xxx.xxx.131 -i eth1 -j ACCEPT
#ipchains -A bridgein -d xxx.xxx.xxx.131 -i eth1 -j ACCEPT
bridgein chain comes from patch
default route set to xxx.xxx.xx.129
It should work just ok.
But it makes a booo ones for a while.
i thing it is doing something like that:
packets that should be masquaraded are bridged.
How to prevent from this.
Second Q:
why normal forwarding wasn't working, why have i had to use a bridge
Thanks,
Hubert.
