[Novices] IPCOP firewall
Andrew Thompson
tempes at ameritech.net
Fri Oct 15 00:28:14 EDT 2004
On Thu, 2004-10-14 at 22:49, Imagineer66 at comcast.net wrote:
> The IPCOP firewall we installed last week worked too well...
...
> Ok, the home network needed to be up so I disconnected IPCOP and
> reconnected the Linksys 54G router back as the connection between
> Comcast and the home network. Now, the Linksys will talk to Comcast
> and it will assign local addresses. Internal network communication
> works fine (ie, net printers, machine to machine) but it won't let
> ANY traffic out. AARRGGHH.. Ok, swap cables again. Same problem.
> Swap a brand-new 54G router in place. (I had bought it to tinker with
> its firmware but it was still in the box.) Same results.
I haven't used IPCOP, so I don't know if it automatically turns on IP
forwarding, but you need that ON to allow traffic to pass network
traffic through. To see its current status, try this command:
cat /proc/sys/net/ipv4/ip_forward
It will print out either a 0 or a 1. 1 means it's on, 0 means off. You
can set it easily enough with this command:
echo 1 > /proc/sys/net/ipv4/ip_forward
Change the 1 to a 0 to turn it off again, of course. That works until
you have to restart the machine. I'm sure there's someplace where you
set this permanently, but I don't remember where.
I should note that you'll also need to make sure your machine is routing
correctly, and probably masquerading your internal machines. Again, I
have NO idea whether IPCOP sets up any of this automatically, but I'll
try to find out when I can. Meanwhile, does anyone who DOES know the
specifics want to chime in on this?
--
Andrew Thompson <tempes at ameritech.net>
The Imagerie
More information about the Novices
mailing list