Jon,
I am sympathetic. It can be a real trial getting something like that
running.
I start an IPCHAINS firewall from rc.local. (/etc/rc.d/rc.firewall). I
set it up with the help of an excellent book called 'Linux Firewalls' by
Ziegler. Then, in the firewall I have the statements:
#
----------------------------------------------------------------------------
# Masquerade internal traffic.
# All internal traffic is masqueraded externally.
ipchains -A forward -i $EXTERNAL_INTERFACE -s $LOCALNET_1 -j MASQ
#
#
----------------------------------------------------------------------------
where LOCALNET_1 is the internal, non-routable TCP/IP net I run on my
PCs, and EXTERNAL_INTERFACE is eth1, the NIC that connects to my DSL
line.
With this arrangement the Internet is seamlessly available to my
internal 'net. I guess on-line games will involve letting a port
directly through the firewall, but I have not experimented with that
yet.
Hope this helps.
Best,
Nic Steussy
Jon Knews wrote:
>
> Hello,
>
> I have a Redhat Linux 6.0 kernel 2.2.5-15 box setup as follows and
> I would like to know the best way to make it a seemless proxy for users
> on their PC's.
>
> 198.93.11.12 192.168.100.2
> 198.168.100.x
> iDSL Pipeline Hub ----- eth1 LINUX eth0 ------ Ethernet Hub ====PC's
>
> I need browser, email smtp/pop, real audio/video, ftp, and telnet/ssh to
> work from each PC. It currently works seemlessly from that Linux box
> only. I currently have Squid setup and running so all the PC's can
> access the internet with their browsers, but they need the proxy
> settings, and I would like to make this seemless instead.
>
> I've read up on websites like http://ipmasq.cjb.net/ and
> http://www.linuxdoc.org/HOWTO/IPCHAINS-HOWTO-3.html#ss3.1 and
> http://web1.linuxhq.com/ldp/howto/IP-Masquerade-HOWTO-6.html#ss6.8 and
> downloaded and installed ipmasqadm but am really getting totally
> confused by the supposed helpful documentation, as to exactly which
> IPCHAINS commands and parameters to execute from rc.local and also which
> IPMASQADM commands and parameters, and so on. I've also experimented
> with IP Forwading.
>
> Would any of you be able to tell be specifically all the statements I
> would need to add to rc.local and whatever else, to make ip masquerading
> work? I mean every SERVICE I would need to run to make this work, and
> commands to put in, based on the diagram above? Also I would prefer
> NOT to have to recompile the kernel if a solution is possible. Frankly
> I don't even know what to call this, a proxy, firewall, or whatever.
>
> Many many thanks, in advance.
> -Jon
>
> _______________________________________________
> Redhat-list mailing list
> [EMAIL PROTECTED]
> https://listman.redhat.com/mailman/listinfo/redhat-list
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
