On Thu, Oct 19, 2006 at 10:13:34PM +0200, Seweryn Kokot wrote:
> Inspired by last posts about iptables/firewall I would like to convert from
> /etc/init.d/firewall rules to shorewall. I have an external internet
> connection (ppp0, dynamic ip) and want to forward that net connection
> by eth0 (192.168.0.1) to another computer. Here are the rules
> in /etc/init.d/firewall:
> -----
> iptables -F
> iptables -t nat -F
> iptables -t mangle -F
> iptables -t filter -F
> echo 1 > /proc/sys/net/ipv4/ip_forward
> iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
> iptables -I FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
> ifconfig ppp0 mtu 1400
> ----
> How to represent it in shorewall?
> Thanks in advance,
> Seweryn

It depends whether you are using sarge or etch, because the configuration has changed a bit. For etch (Shorewall 3.0.7) I have written this:
http://newbiedoc.berlios.de/wiki/Firewall
It covers a basic firewall with masquerading. Also the configs of shorewall contain very elaborate explanations.

HTH,
Andrei
--
If you can't explain it simply, you don't understand it well enough.
(Albert Einstein)