Re: [masq] [masq] [masq] IP - masquerade setup problems

Fri, 12 Jun 1998 07:47:46 -0400 

At 03:56 PM 6/11/98 -0400, you wrote: 
>
> Order matters, so if you deny everything
> first, then the rules never meet the allow
> clauses later.� As mmy first guess.
> --
> Bill Eldridge
> Radio Free Asia
> <mailto:[EMAIL PROTECTED]>[EMAIL PROTECTED]
>>
>> -----Original Message----- 
>> From: Steve Helder <<mailto:[EMAIL PROTECTED]>[EMAIL PROTECTED]> 
>> To: <mailto:[EMAIL PROTECTED]>[EMAIL PROTECTED]
>> <<mailto:[EMAIL PROTECTED]>[EMAIL PROTECTED]> 
>> Date: Thursday, June 11, 1998 2:36 PM 
>> Subject: [masq] IP - masquerade setup problems
>>
>> I am attempting to use IP-Masquerading on a newly installed Redhat 5.1
Linux
>> box.� I am connected to my ISP using PPP and can ping the nameservers from
>> Linux.� I have followed the instructions in the Linux IP Masquerade mini
>> HOWTO by Ambrose Au for setting up my Windows 95 machine.� After I set
it up
>> I can ping the ethernet card on the Linux box which is 10.0.100.5 but can't
>> get any further. (pinging the nameservers) 
>> � 
>> I have setup the ipfwadm� -F -p deny and ipfwadm� -F -a m S
10.0.100.0/24 -D
>> 0.0.0.0/0 on the Linux box.� I am assuming I am close but missing
something.
>> � 
>> Any assistance would be appreciated 
>> � 
>> Steve Helder
>

In this case, no. The deny rule he is setting up is the default rule.Steve,
one
thing I notice in the lines in your message is that the - is missing off
the S.
I suspect this is just a typo in the message, but you should check your
scripts.

Check that your input and output firewall rules have a default policy of
accept:
ipfwadm -I -p accept
ipfwadm -O -p accept

If that were screwed up, you wouldn't get packets through.

Also, check to make sure forwarding is turned on. In a default redhat install,
in the file /etc/sysconfig/network, make sure the line 'FORWARD_IPV4=yes' is
present and spelled correctly.

Good luck and e-mail me if I can be of further help (I've got a similar system
funning here now).


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
For daily digest info, email [EMAIL PROTECTED]

Reply via email to