untar and unzip a .tgz .tar.gz or something similar: tar xfz <file.tar.gz> x means xtract, f means file, z means pass through gzip to decompress to create a .tar.gz file: tar cfz <file.tgz> <files to compress and tar> to extract a bzip2 tar: bzcat <file.tar.bz2> | tar x Notice no f (file) it's coming in on stdin. Notice no z, what tar is getting is already uncompressed by the bzcat program. bzcat works like cat, printing a file to stdout, after it uncompresses it. ipchains: you need a bunch of stuff. Make sure you have an ip_masquerade package. You'll also need to recompile your kernel with ip masquerading enabled. You should take a look at the firewall/ip_masquerade howtos. Then you need a script like the one attached. It's fairly simple to understand and easily customizable. ;) If you can get ipchains down, learning iptables (firewall config tool for 2.4.x) is a snap! Cory On Sun, Mar 11, 2001 at 02:16:56AM +0000, Dragon Singer wrote: > Hi, Ralph & the Gang, > As I mentioned in my other post I am running Mandrake 7.2 kernel > 2.2.17-21mdk. On two machines an AMD K6-2 300Mhz box, and a 150Mhz pentium > box which I'm trying to make a gateway/router/firewall. > I've gotten several cd's with my copies of Maximum LInux (soon to be > defunct) and most of the goodies on those discs have files that end in > tar.gzip I was wondering how do I untar and/or ungzip those files using the > command line as I need to get some of those files into the 150Mhz gate box > and Xwindows is very slow. > My question about ipchains is how do I set it up on the 150Mhz box so I can > use it as the router/gateway/firewall between Western Illinois University's > (WIU's) LAN and my two desktop boxes? I tried using the scripts posted on > the Techtv superguide to set ipchains up, but sonething wasn't quite kosher, > and I wasn't able to get 'em to work. Without ipchains running I'm not sure > I can get my babylan to working. > -- > Yours very Sincerely and Respectfully > > Wayne M. Scace > & > Leader Dog Sequoia > > [EMAIL PROTECTED] > ICQ#315313 > Amateur Callsign AB9BM > FISTS#4409 QRP-L #2313 > FPQRP#217 >
#!/bin/sh # A simple example of ipchains saved as /etc/rc.d/rc.firewall # PATH=/sbin:/bin:/usr/sbin:/usr/bin # Load required ip_masq modules (FTP included here) /sbin/depmod -a /sbin/modprobe ip_masq_ftp # Enable IP forwarding echo "1" > /proc/sys/net/ipv4/ip_forward # Assign external IP variables extip="64.66.99.123" extif="eth1" # Assign internal IP variables intif="eth0" intnet="192.168.1.0/24" # Initialize MASQ timeout and standard chains ipchains -M -S 7200 10 60 ipchains -F input ipchains -P input REJECT ipchains -F output ipchains -P output REJECT ipchains -F forward ipchains -P forward DENY # Setup input policy # local interface, local machines, going anywhere is valid ipchains -A input -i $intif -s $intnet -d 0.0.0.0/0 -j ACCEPT # reject IP spoofing where external computer claims to be a local ipchains -A input -i $extif -s $intnet -d 0.0.0.0/0 -l -j REJECT # allow external access via external interface ipchains -A input -i $extif -s 0.0.0.0/0 -d $extip/32 -j ACCEPT # loopback interface is valid ipchains -A input -i lo -s 0.0.0.0/0 -d 0.0.0.0/0 -j ACCEPT # Setup output policy # all outgoing traffic is allowed ipchains -A output -i $intif -s 0.0.0.0/0 -d $intnet -j ACCEPT # prevent traffic for local network from using external interface ipchains -A output -i $extif -s 0.0.0.0/0 -d $intnet -l -j REJECT # prevent traffic from local network from using external interface ipchains -A output -i $extif -s $intnet -d 0.0.0.0/0 -l -j REJECT # anything else can go out ipchains -A output -i $extif -s $extip/32 -d 0.0.0.0/0 -j ACCEPT # loopback interface is valid ipchains -A output -i lo -s 0.0.0.0/0 -d 0.0.0.0/0 -j ACCEPT # Setup forwarding policy # Masquerade local net traffic to anywhere ipchains -A forward -i $extif -s $intnet -d 0.0.0.0/0 -j MASQ
