Reply With Quotehey mountainman, errr hey man!
i used pmfirewall to set up my masqing back in the kernel 2.2 days. it supports the adding of ipmasq stuff. i know it is a lazy way out - but it was quick, it worked and the script is very easy to customize once done.
I am playing around with setting up a 7.0 firewall and dialup to the internet on my home lan. I am having some probs setting up masqing for some reason. I went to the /etc/sysctl.conf file and enabled port forwarding (from "0" to "1"as well as ip always defragment. Is there another step I am missing? I havent setup any sort of firewall yet, so come to think of it, thats likely my problem. Well, at least, it was good to sit here and think about it out loud to you guys and gals.
hey mountainman, errr hey man!
i used pmfirewall to set up my masqing back in the kernel 2.2 days. it supports the adding of ipmasq stuff. i know it is a lazy way out - but it was quick, it worked and the script is very easy to customize once done.
Yeah, thats what I used last couple of times. I had a brain fart. To much time at work. Im doing what I like to call a split double-shift. I worked from 07 to 2 this morning, and I came back in at 10pm to work till 07 or so (probably around 09) tomorrow and might have to do it again tomorrow night. Sucks that I am salary, but the comp time is decent. I really need to get an IT job... :-/
Well, Im back again. Been up for over 24 now, and things are getting a mite fuzzy. I might even get to go home in another 2 or 3 hours. Sleep.......
hi,
if you just need masquerading - this simple script would do, when you have compiled in all iptables modules into the kernel you can comment out the module loading things ..
Code:EXTIF="eth0" #change this to your needed values .. eg ppp0 for modems INTIF="eth1" echo " External Interface: $EXTIF" echo " Internal Interface: $INTIF" echo " - Verifying that all kernel modules are ok" /sbin/depmod -a /sbin/insmod ip_tables /sbin/insmod ip_conntrack /sbin/insmod ip_conntrack_ftp /sbin/insmod iptable_net /sbin/insmod ip_nat_ftp echo " Done Loading modules " echo " Enable Forwarding + Dynamic adressing" echo "1" > /proc/sys/net/ipv4/ip_forward echo "1" > /proc/sys/net/ipv4/ip_dynaddr echo " clearing any existing rules and setting default policy.." $IPTABLES -P INPUT ACCEPT $IPTABLES -F INPUT $IPTABLES -P OUTPUT ACCEPT $IPTABLES -F OUTPUT $IPTABLES -P FORWARD ACCEPT $IPTABLES -F FORWARD $IPTABLES -t nat -F echo " Enabling SNAT (MASQUERADE) functionality on $EXTIF" $IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE echo " Done "
Check the PET about Masq stuff.. It has some modules you need to load in the kernel manually in addition to turning on the option in the networking area. It also has some ways to automate it.....
I think it's in PET area of networking .....
Posting Permissions
Bookmarks