Re: ipchains from hell
> (216.93.70.147) just fine from the win95 box. The linux box dials the
> phone when I try to access the internet from the windows box. I can
> not ping anything out to the internet.
>
> This is what netstat looks like when I'm connected. I think this looks
> wrong but I'm not sure.
This is the setup I am using for my home network. These are placed in my
/etc/rc.d/rc.local file.
* - * - * - * - * - * - * - * - * - * - * - * - * - * * - *
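echo "Starting ppp"
# Kernel settings: dynamic-address handling, packet forwarding, defragmentation
echo "1" > /proc/sys/net/ipv4/ip_dynaddr
echo "1" > /proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/ipv4/ip_always_defrag
pppd
sleep 1
# Point the default route at the PPP link
route del default
route add default ppp0
echo "Starting ipchains"
# Reject forwarded traffic by default, then masquerade the home network out ppp0
ipchains -P forward REJECT
ipchains -A forward -i ppp0 -j MASQ -s 192.168.1.0/24 -d 0.0.0.0/0
#ipchains -M -S 7200 10 160
# Masquerading helper modules for FTP and RealAudio
modprobe ip_masq_ftp
modprobe ip_masq_raudio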
* - * - * - * - * - * - * - * - * - * - * - * - * - * - * - *
Do you have the command: (corrected for your network)
"ipchains -A forward -i ppp0 -j MASQ -s 192.168.0.0/24 -d 0.0.0.0/0"
in your setup somewhere? Without this, NOTHING from your home network will ever
make it to the Internet, period! Your Linux box will work just fine. The MASQ
option tells the firewall (ipchains) to allow packets from the home network to
traverse the Internet AND mask the packets to appear as if they came from the Linux
box. By doing this, the Internet NEVER knows about your home network.
Also, make sure you have DNS properly configured on your machine OR make
sure you have your ISP's DNS IP addresses in your /etc/resolv.conf. When you can
ping IP addresses both by name & IP on your Windows machine, then you know DNS
is working.
Hope this helps....
Richard
-------------------------------------------------------------------
Richard Zimmerman ke4rit@earthlink.net
K&B Transport, Inc. ke4rit@gate.net
Elkhart, Indiana
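
The check described in the reply above (a forward-chain MASQ rule whose -s network matches the home network, plus ip_forward enabled), as an added example that is not part of the original message. The function names and the client address 192.168.0.5 are assumptions made for this sketch; it reads a startup script as text and does not call ipchains.

```shell
# Added example (function names are hypothetical): lint an rc.local-style ipchains script.
ip_to_int() (                       # dotted quad -> 32-bit integer
    IFS=.
    set -- $1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

in_cidr() (                         # in_cidr ADDR NET/BITS -> status 0 if ADDR is inside
    net=${2%/*}; bits=${2#*/}
    if [ "$bits" = "$2" ]; then bits=32; fi        # no /BITS given: single host
    mask=$(( (4294967295 << (32 - bits)) & 4294967295 ))
    [ $(( $(ip_to_int "$1") & mask )) -eq $(( $(ip_to_int "$net") & mask )) ]
)

masq_sources() (                    # print the -s argument of every active forward/MASQ rule
    grep -v '^[[:space:]]*#' "$1" | grep 'ipchains .*-A forward' | grep -e '-j MASQ' |
    while read -r line; do
        set -- $line
        while [ $# -gt 1 ]; do
            if [ "$1" = "-s" ]; then echo "$2"; fi
            shift
        done
    done
)

check_masq_config() (               # check_masq_config SCRIPT CLIENT_IP -> findings or "ok"
    problems=""
    grep -v '^[[:space:]]*#' "$1" | grep -q '1.*> */proc/sys/net/ipv4/ip_forward' ||
        problems="$problems no-ip-forward"
    sources=$(masq_sources "$1"); covered=no
    for s in $sources; do
        if in_cidr "$2" "$s"; then covered=yes; fi
    done
    if [ -z "$sources" ]; then problems="$problems no-masq-rule"
    elif [ "$covered" = no ]; then problems="$problems client-not-in-masq-source"; fi
    echo ${problems:-ok}            # unquoted on purpose: trims the leading space
    [ -z "$problems" ]
)

# Constructed sample: the rules from the message, checked for a client on 192.168.0.0/24.
sample=$(mktemp)
cat > "$sample" <<'EOF'
echo "1" > /proc/sys/net/ipv4/ip_forward
ipchains -P forward REJECT
ipchains -A forward -i ppp0 -j MASQ -s 192.168.1.0/24 -d 0.0.0.0/0
EOF
check_masq_config "$sample" 192.168.0.5 || true    # prints: client-not-in-masq-source
check_masq_config "$sample" 192.168.1.5            # prints: ok
rm -f "$sample"
```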