Hello everyone, Jason McCarty wrote:
> Try doing 'modprobe ipt_MASQUERADE' before the iptables step. The > Masquerading-Simple-HOWTO on http://www.tldp.org is a good start to > making an iptables firewall, along with the IP-Masquerade-HOWTO. > Jamin W. Collins wrote: > You don't indicate what kernel version you are using. Are you using a > 2.4.x kernel? OK, I have completely reinstalled woody on my gateway/firewall to try and get it right this time. The steps I've been through are:- 1. Install bf24 woody, i.e. with a 2.4 kernel, and no added packages; 2. eth0 (connected to the cable modem) is set-up by dhcp; 3. eth1 (internal) manually added to ifconfig; 4. added scripts which run the following commands in run level 2... modprobe ipt_MASQUERADE echo "1" > /proc/sys/net/ipv4/ip_forward iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE 5. I can ping eth0 and eth1 from the internal Win98 machine. 6. I can ping the internet from the gateway. 7. I can't ping the internet from the Win98 machine. 8. iptables --list shows ACCEPT policies for the input, output and forward chains 9. lsmod gives the following (I have omitted everything except the Module names):- Module Size Used by Not tainted iptable_filter ipt_MASQUERADE iptable_nat ip_conntrack ip_tables 3c509 isa-pnp I can't access the internet from the Win98 machine connected to the gateway and can't see what other steps I need to go through. I am likely to pull the remainder of my hair out if I can't get this working in the near future. What I want to do initially is have ACCEPT policies on all chains so I know the set-up is working. Then I will set-up some rules to protect my network. Can anyone help? TIA Mike
