Bill Eldridge wrote:
> Order matters, so if you deny everythingfirst, then the rules never meet the
>allowclauses later. As mmy first guess.--
That is not quite right, actually, it is wrong.
For security reasons, you always should deny everything first, and subsequently
allow things like forwarding.
Did you enable forwarding in the proc fs? Try adding this line to your rc
script:
echo 1 > /proc/sys/net/ipv4/ip_forward
Oh, and please don't send HTML-formatted messages. ASCII is preferred (I hope I
didn't copy the tags over when I copied the text).
-Joe
> Bill Eldridge
> Radio Free Asia
> [EMAIL PROTECTED]
>
> -----Original Message-----
> From: Steve Helder <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
> Date: Thursday, June 11, 1998 2:36 PM
> Subject: [masq] IP - masquerade setup problemsI am attempting to use
>IP-Masquerading on a newly
> installed Redhat 5.1 Linux box. I am connected to my ISP using PPP and can
>ping the nameservers from
> Linux. I have followed the instructions in the Linux IP Masquerade mini
>HOWTO by Ambrose Au for setting
> up my Windows 95 machine. After I set it up I can ping the ethernet card on
>the Linux box which is
> 10.0.100.5 but can't get any further. (pinging the nameservers) I have setup
>the ipfwadm -F -p deny and
> ipfwadm -F -a m S 10.0.100.0/24 -D 0.0.0.0/0 on the Linux box. I am
>assuming I am close but missing
> something. Any assistance would be appreciated Steve Helder
--
Joachim Feise Microsoft Certified Solution Developer
mailto:[EMAIL PROTECTED] http://www.ics.uci.edu/~jfeise/
mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED]
---------------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
For daily digest info, email [EMAIL PROTECTED]
