Thanks Stuart, but I have cheated and bolted firestarter on the front and that does all the thinking for me. Regards, David On Mon, 10 Dec 2001 09:27:33 +0800, Joe & Sesil Morris (NTM) wrote:
David wrote:
Hi Stuart,
Bit lost with that. Had a poke around but did not seem to make any difference. I am using Samba for the LAN, not sure what that uses
David, I'm not sure if this will give any clues, and since I am not using Firewall2 (I am using SuSEFirewall [1]), I can't be sure exactly how much may have changed, but... Check Dev_World (i.e. internet facing interface[s]) DEV_INT (LAN facing interface) answer yes to FW_Route and FW_Masquerading (assuming you have one IP you will masquerade for your LAN) Check FW_MASQ_NETS (this is where I think you might have missed it, this should either be the whole subnet, i.e. 192.168.1.0/24, or a machines address, i.e. 192.168.0.4) Choose which ports you need to open with FW_Services_External (i.e. internet side) and Internal (LAN side) for both UDP and TCP. FW_ALLOW_INCOMING_HIGHPORTS_TCP I have set to ftp-data, UDP to yes With Firewall 1, you need to set the Services DNS, DHCP, and DHclient separately, which you should set depending on your setup. For a dial-up connection, you need to add a line to restart the firewall in ip -up (i.e. /sbin/SuSEFirewall). I believe this is basically the same as the third boot script. This is needed to load the rules for the new ppp interface that was non-existent when the firewall originally loaded. This has worked like a dream for me. HTH, YMMV.
-- Joe & Sesil Morris New Tribes Mission Email Address: Joe_Morris@ntm.org Web Address: www.mydestiny.net/~joe_morris Registered Linux user 231871 "We can stand affliction better than we can prosperity, for in prosperity we forget God." --Dwight Lyman Moody