> I have a Linux box router "detritus" (screenless), with two ethernet
> connections : one on 192.168.1.1 for connection with my freebox (a DSL
> modem in France), and the other for the internal network, on 192.168.10.1.
>
> On the internal network are three (sometimes four) computers :
>
> - my wife's, "tasdboue", on Window$ (192.168.10.5)
> - my daughter's, "agecanonix", on dual boot (192.168.10.6)
> - mine, on dual boot, "arthur", also on dual boot (192.168.10.2).
>
> So I have to configure the router so that it :
> - can be accessed from the intranet by ssh, maybe limited to my computer
> - can NAT on all computers on the intranet for web, ftp...
> - can, and this is my main problem, accept connections from outside and
>   NAT them to ONLY my computer when they are related to P2P (this is the
>   reason why most iptables lists don't answer me :-(, mainly emule on
>   Window$ and amule or mldonkey on Linux.
>
> Some things that don't work :
>
> - logging keeps logging on the console, which is quite annoying (I use
>   syslog-ng).
> - active ftp doesn't work, I think ...
> - about P2P : I keep getting lowids from emule. I don't understand the
>   rules : do I have to nat first, open the ports on the router, on the
>   destination machine... all this is quite confusing !
>
> All the foolish lines added from the BLFS basic script are taken from
> different sources from Internet... but it didn't help me much :-(
>
> Please, could someone give me a push ?
>

Perhaps you need to invest in a book on iptables. I can recommend "Hardening Linux" by James Turnbull and published by Apress. It has a good section on iptables and, starting from first principles, takes the reader through the process of firewalling a host. It also has a section on logging with syslog-NG.

Richard
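
On the ordering question in the quoted message (NAT first, then open ports on the router or on the destination?), here is an added example that is not part of the thread or from either poster: a ruleset in `iptables-restore` format for the addresses given above. The interface names (`eth0` WAN, `eth1` LAN) and the P2P ports (eMule's default 4662/tcp and 4672/udp, configurable in the client) are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Assumptions: eth0 = WAN side
# (192.168.1.1), eth1 = LAN side (192.168.10.1); arthur's eMule listens
# on its default ports 4662/tcp and 4672/udp.
WAN_IF=eth0; LAN_IF=eth1
LAN_NET=192.168.10.0/24; ARTHUR=192.168.10.2
P2P_TCP=4662; P2P_UDP=4672

gen_rules() {
cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
# Step 1: rewrite the destination of inbound P2P traffic to arthur only.
-A PREROUTING -i $WAN_IF -p tcp --dport $P2P_TCP -j DNAT --to-destination $ARTHUR
-A PREROUTING -i $WAN_IF -p udp --dport $P2P_UDP -j DNAT --to-destination $ARTHUR
# Outbound NAT for every machine on the intranet.
-A POSTROUTING -s $LAN_NET -o $WAN_IF -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# SSH to the router itself, from arthur only.
-A INPUT -i $LAN_IF -s $ARTHUR -p tcp --dport 22 -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $LAN_IF -o $WAN_IF -s $LAN_NET -j ACCEPT
# Step 2: DNAT-ed packets are routed through the box, so they are allowed
# in FORWARD (not INPUT) and matched on the post-DNAT address.
-A FORWARD -i $WAN_IF -o $LAN_IF -d $ARTHUR -p tcp --dport $P2P_TCP -j ACCEPT
-A FORWARD -i $WAN_IF -o $LAN_IF -d $ARTHUR -p udp --dport $P2P_UDP -j ACCEPT
# Rate-limited log of forwarded drops, at priority 7 (debug).
-A FORWARD -m limit --limit 6/min -j LOG --log-prefix "fw-drop: " --log-level 7
COMMIT
EOF
}

# Print the ruleset for review when called with --print.
if [ "${1:-}" = "--print" ]; then gen_rules; fi
```

After review, the printed ruleset can be piped into `iptables-restore` as root. Nothing is opened in INPUT for the P2P ports: the router only forwards them, and the client on arthur must still accept them in its own host firewall.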
