"Ron Johnson, Jr." wrote:
>
> "Darcy Brodie, CJL" wrote:
> >
> > I am trying to configure a linux box to be a firewall / masquerading
> > machine for access to the internet through a cable modem. eth0 is the
> > external nic card (ip supplied by isp via dhcp), and eth1 is the
> > internal network (using the 192.168.1.0 class C group). These are
> > communicating properly.
> > I have the firewall configured as follows
> >
> > echo "1" >/proc/sys/net/ipv4/ip_forward
> > # clear all rules and start fresh
> > /sbin/ipchains -F
> > /sbin/ipchains -A forward -s 192.168.1.0/24 -j MASQ
> > # this prevents ICQ Time out problems
> > /sbin/ipchains -M -S 7200 10 160
> >
> > When I run the rc.firewall program, I get no errors. However, when I
> > list the ipchains (ipchains -L), all of the above rules are listed under
> > the policy DENY, and I have NO access from a workstation (although I can
> > 1- ping both the internal and external networks from the linux box, and
> > 2- ping the linux box from any of the workstations)
> >
> > Suggestions ??
>
> The standard answer that many of us have had success with
> is PMfirewall. Find it at freshmeat.net. It asks you a
> bunch of questions and then builds a firewall (and ip masq,
> if u need it) script for u.
>
> Ron
I agree. Get PMfirewall. I'm running it at home and on a linux box at
work that's dual networked with a network of SGI weather machines and the
internet.
Alan
--