Mailinglist Archive: opensuse-security (757 mails)

< Previous Next >
Re: AW: [suse-security] IP Forwarding - HELP
Hi

Why do you not try out "Shorewall" as there is very little you need to configure to get it
up and running. I am using it present. you can find more information here:

http://www.shorewall.net/
What is it?
The Shoreline Firewall (Shorewall) is an iptables based firewall that can be used
on a dedicated firewall system, a multi-function masquerade gateway/server or
on a standalone Linux system.


> Thanks Stephan
>
> Sorry but the links are not much good to me (I only know a few words in
> German)...
>
> I am using a 2.4 Kernel but cannot see any reference to iptables ? which is
> weird ? is this something I have to install ?
>
> I kind of understand the theory but got really bogged down into trying to
> install and configure a firewall...
>
> Any ideas?
>
> Dan
> ----- Original Message -----
> From: "OKDesign oHG Security Administrator" <security@xxxxxxxxxxx>
> To: <nico@xxxxxxxxxx>; "Dan Banyard" <dan@xxxxxxxxxxxxxxxxxxx>
> Cc: <suse-security@xxxxxxxx>
> Sent: Wednesday, January 09, 2002 6:35 PM
> Subject: AW: AW: [suse-security] IP Forwarding - HELP
>
>
> > Here are two URL for iptables which were sent to me in answer to my
> question
> > about masquerading:
> >
> > http://bolug.uni-bonn.de/wissen/masquerading.html
> >
> > http://www.fruehbrodt.org/artikel/netfilter.html
> >
> > Stephan
> >
> > -----Urspr√ľngliche Nachricht-----
> > Von: nico@xxxxxxxxxx [mailto:nico@xxxxxxxxxx]
> > Gesendet: Mittwoch, 9. Januar 2002 07:45
> > An: OKDesign oHG Security Administrator
> > Betreff: Re: AW: [suse-security] IP Forwarding - HELP
> >
> >
> > Hi,
> >
> > I'm trying to achive exactly the same with a Linux 2.4 kernel.
> >
> > Would you mind sending me the info as well?
> >
> > Thanks
> >
> > Nico
> >
> > > Hi Dan,
> > >
> > > it depends on which Kernel-version you use. If you use 2.4 you need
> > > iptables. Exactly this point was discussed during the last days (I'm
> > > sure on this 'cause it was me who asked about Masquerading *g*). If
> > > you use 2.2 or earlier you need ipchains. Which syntax should be used
> > > has been written in my first post about this. If you don't have it
> > > anymore, tell me. I can write it again. Back to the roots of your
> > > question: IP-forwarding alone is not enough. You need Masquerading
> > > because the (ethernet-)IP of your Windozebox is a private IP and not
> > > able to be routed over the internet. So the linux-box has to change
> > > the sender-IP of the packets to his official IP (granted from your
> > > provider, most likely to be a dynamic one) in order to enable
> > > answer-packets to find the way back to you. Then your router (the
> > > linux-box acts exactly like a router) send the answers back to your
> > > windozebox. This is what masquerading means. Again, tell your
> > > kernelversion and we can tell you the syntax.
> > >
> > > Stephan
> > >
> > > -----Urspr√ľngliche Nachricht-----
> > > Von: Dan Banyard [mailto:dan@xxxxxxxxxxxxxxxxxxx]
> > > Gesendet: Mittwoch, 9. Januar 2002 04:20
> > > An: suse-security@xxxxxxxx
> > > Betreff: [suse-security] IP Forwarding - HELP
> > >
> > >
> > > Hi
> > >
> > > I have two machine, one Windows NT box and a Linux box (which is
> > > connected to the www via a modem) and these two machine are connected
> > > directly via ethernet.
> > >
> > > I am trying to set up my Linux box so I can get access to the www from
> > > the Windows NT box via the Linux box. So far I have enabled IP
> > > Forwarding in the rc.config file. I am really unsure what to do now
> > > to get this to work - I have read countless linux documents about
> > > setting up masquerading but the examples don't seem to comply with
> > > Suse. Do I have to enable the firewall to get this working ? are
> > > there others things I have to set ?
> > >
> > > Any help would be great.
> > >
> > > Thanks
> > >
> > > Dan
> > >
> > >
> > > --
> > > To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
> > > For additional commands, e-mail: suse-security-help@xxxxxxxx
> > >
> > >
> > >
> > > --
> > > To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
> > > For additional commands, e-mail: suse-security-help@xxxxxxxx
> > >
> > >
> >
> >
> >
>
>
> --
> To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
> For additional commands, e-mail: suse-security-help@xxxxxxxx
>


< Previous Next >
References