Don't learn ipchains... it's going away in kernel 2.4, thank God.
Does the standard masquarading regimen work?
# echo 1 > /proc/sys/net/ipv4/ip_forward
# ipchains -P forward DENY
# ipchains -A forward -i eth0 -j MASQ
(eth0 is outside interface)
If so, 'chains works.
Suggest a tool at http://www.openpro.org/fwconfig.shtml which will make
a script for you. I was so burnedout from ipchains I didn't bother to
learn fwconfig, but adapted one of their sample scripts, and it works
great. I run it as S09firewalling.
--
Carl A. Cook
[EMAIL PROTECTED]
Certainly the game is rigged. Don't let that stop you...
If you don't bet you can't win.
John Aldrich wrote:
> Can someone possibly shed light on why IPChains refuses to work for
> me? Here's what I'm trying to do:
> /sbin/ipchains -A output -d 199.95.207.0/24 -j DENY
> /sbin/ipchains -A output -d 199.95.208.0/24 -j DENY
>
> But whenever I try and do that, it keeps coming up and saying
> "protocol not available."
> Before you ask, "Is IPChains installed?" here's the answer:
> [root@slave1 /root]# rpm -qa | grep ipchains
> ipchains-1.3.8-4mdk
> and:
> [root@slave1 /root]# ipchains -V
> ipchains 1.3.8, 27-Oct-1998
>
> As you can clearly see, IPChains ARE installed, but it won't work. I
> even tried using the "-p tcp" switch and it STILL says "protocol not
> available.
> What's the problem here???? Can someone enlighten me on this?
> Thanks...
> John
S/MIME Cryptographic Signature
