Hi Why do you not try out "Shorewall" as there is very little you need to configure to get it up and running. I am using it present. you can find more information here: http://www.shorewall.net/ What is it? The Shoreline Firewall (Shorewall) is an iptables based firewall that can be used on a dedicated firewall system, a multi-function masquerade gateway/server or on a standalone Linux system.
Thanks Stephan
Sorry but the links are not much good to me (I only know a few words in German)...
I am using a 2.4 Kernel but cannot see any reference to iptables ? which is weird ? is this something I have to install ?
I kind of understand the theory but got really bogged down into trying to install and configure a firewall...
Any ideas?
Dan ----- Original Message ----- From: "OKDesign oHG Security Administrator"
To: ; "Dan Banyard" Cc: Sent: Wednesday, January 09, 2002 6:35 PM Subject: AW: AW: [suse-security] IP Forwarding - HELP Here are two URL for iptables which were sent to me in answer to my question about masquerading:
http://bolug.uni-bonn.de/wissen/masquerading.html
http://www.fruehbrodt.org/artikel/netfilter.html
Stephan
-----Ursprüngliche Nachricht----- Von: nico@edoc.co.za [mailto:nico@edoc.co.za] Gesendet: Mittwoch, 9. Januar 2002 07:45 An: OKDesign oHG Security Administrator Betreff: Re: AW: [suse-security] IP Forwarding - HELP
Hi,
I'm trying to achive exactly the same with a Linux 2.4 kernel.
Would you mind sending me the info as well?
Thanks
Nico
Hi Dan,
it depends on which Kernel-version you use. If you use 2.4 you need iptables. Exactly this point was discussed during the last days (I'm sure on this 'cause it was me who asked about Masquerading *g*). If you use 2.2 or earlier you need ipchains. Which syntax should be used has been written in my first post about this. If you don't have it anymore, tell me. I can write it again. Back to the roots of your question: IP-forwarding alone is not enough. You need Masquerading because the (ethernet-)IP of your Windozebox is a private IP and not able to be routed over the internet. So the linux-box has to change the sender-IP of the packets to his official IP (granted from your provider, most likely to be a dynamic one) in order to enable answer-packets to find the way back to you. Then your router (the linux-box acts exactly like a router) send the answers back to your windozebox. This is what masquerading means. Again, tell your kernelversion and we can tell you the syntax.
Stephan
-----Ursprüngliche Nachricht----- Von: Dan Banyard [mailto:dan@www.edentify.com.au] Gesendet: Mittwoch, 9. Januar 2002 04:20 An: suse-security@suse.com Betreff: [suse-security] IP Forwarding - HELP
Hi
I have two machine, one Windows NT box and a Linux box (which is connected to the www via a modem) and these two machine are connected directly via ethernet.
I am trying to set up my Linux box so I can get access to the www from the Windows NT box via the Linux box. So far I have enabled IP Forwarding in the rc.config file. I am really unsure what to do now to get this to work - I have read countless linux documents about setting up masquerading but the examples don't seem to comply with Suse. Do I have to enable the firewall to get this working ? are there others things I have to set ?
Any help would be great.
Thanks
Dan
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com