At 13:26 2000-02-14 -0600, Mac Q. Flores wrote:
1. /etc/rc.d@ becomes /sbin/init.d . . . under this directory is firewall. is this rc.firewall? 2. /etc/rc.config . . . entries about firewall here . . . do these entries represent rc.firewall? 3. /sbin/init.d/masquerade . . . is this rc.masquerade? . . or . . . 4. /etc/rc.config . . . entries about IP_Masq here . . do these entries represent rc.masquerade?
also, what ipchains rules go to the masquerade and/or firewall files?
Yes, it confused me for a while, too. Can answer most of your questions based on getting a firewall going with masquerading. 1. Yes, /sbin/init.d/firewall gets run automatically. Whatever the howto says to do with rc.firewall will work in /sbin/init.d/firewall. 2. The entries in rc.config are parameters which control the /sbin/init.d/firewall as provided by SuSE. 3 & 4. Don't know about rc.masquerade. I set up masquerading based on a 'howto' version of rc.firewall, by replacing /sbin/init.d/firewall. Because the rc.firewall doesn't make use of the rc.config parameters, there's no need to modify rc.config. It will work fine just to take rc.firewall, adjust it for your own system, and with the result replace /sbin/init.d/firewall. To debug the firewall, the ipconfig -L command is useful. Also, it is useful to put the -l option into your DENY and REJECT rules, so that you can look into the log and see why certain packets are not getting through. -- Scott Turner p.turner@computer.org http://www.ma.ultranet.com/~pkturner -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/