Darcy Brodie wrote:
> Hello
>
> i am still having trouble with this Mandrake setup.
> I am attempting to setup IP Masqurading through IP Chains .
> I have had this configuration previously running on a RH 5 box, and decided
> to upgrade.
>
> I have used the PMFirewall program to create the firewall and
> masqurading rules. From the Linux box, I can ping both the internal
> network and the internet. However, from a workstation running win98, I
> can only ping the linux box. When I attempt to ping the intetnet, I get
> the following (thanks to tcpdump)
>
> 13:05:47.551865 192.168.67.20 > 220867-db: icmp: 192.168.67.20 udp
> port unreachable [tos 0xc0]
>
> I have have removed all of the pmfirewall rules and tried a very basic
> ip chains rules as follows
>
> echo "1" > /proc/sys/net/ipv4/ip_forward
> /sbin/ipchains -P forward DENY
> /sbin/ipchains -A forward -s 192.168.67.0/24 -j MASQ
>
> i realize that this is probablu the simplst ip masq rules that can be
> set, but I still get the same message in tcpdump
>
> I am using 2 network cards, 1 connected directly to my cable modem
> (which gets it's ip via dhcp) This is eth0
> The second one is connected to my local network with a static ip of
> 192.168.67.20
> The win98 workstation has a static ip of 192.168.67.2
> On the linux box, the DNS server is pointing to the DNS server from
> my ISP
> The default gateway is also pointing to my ISP's gateway
> The above settings are exactly the same as what I was running on
> the RH5 box, but I was using ipfwadm for my rules
>
> Darcy
try this:
/sbin/ipfwadm -F -p deny
/sbin/ipfwadm -F -a m -S 192.168.67.0/24 -D 0.0.0.0/0
which works for me. (mandrake 7.1)
