I've recently attempted to write my own IP routing script (IPchains and
IPmasquerading). I have some minor problems with my initial script and need some help
from an experienced Linux user.
First off, I have a cable modem for a receiving internet connection with an IP address
that is provided via DHCP. Second, I want my machine to serve as an outgoing DHCP
server for the other machines on my network. The client machines will be using a class
"C" network address and the DHCP server will only allow a fixed number of clients to
exist on the network for security reasons!
I wrote a script using several resources on the web. I have yet to read the
IPMasquerading HOW-TO and the IPChains HOW-TO but plan to in the near future.
Currently I am trying to figure out how in the hell to enable the outgoing DHCP server
on my computer! I have tested out this script with no success! What should I add or
change in order to make it work? IP port forwarding is enabled in the kernel and this
script is executed at boot up.
Here is my script: rc.firewall
#!/bin/sh
# rc.firewall - IPChains and IPMasquerading, internet firewall/routing script
#
echo -n "Setting IP Chains..."
# modules for IPMasquerading
/sbin/modprobe ip_masq_ftp
/sbin/modprobe ip_masq_raudio
/sbin/modprobe ip_masq_irc
/sbin/modprobe ip_vdolive
# execute IP Forwarding
echo "1" > /proc/sys/net/ipv4/ip_forward
# enable host DHCP
echo "1" > /proc/sys/net/ipv4/ip_dynaddr
# IPChains routing information
/sbin/ipchains -M -S 7200 10 160
/sbin/ipchains -P forward DENY
/sbin/ipchains -A forward -s 192.168.0.1/24 -d 192.168.0.1/24 -j ACCEPT
/sbin/ipchains -A forward -s 192.168.0.1/24 -d 192.168.0.2/32 -j MASQ
/sbin/ipchains -A forward -s 192.168.0.1/24 -d 192.168.0.3/32 -j MASQ
echo "Done!"
BTW, I did not write any firewall rules as of yet, I know basically how to and which
ports to block secure and I will do so once the Masquerading issue is solved!
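
An added example, not part of the original post or its script: masquerading applies
to packets the LAN sends out toward the Internet, so a forward rule with -j MASQ needs
a destination that covers outside addresses. The shell function below (lint_masq_rules,
a hypothetical name) checks rule text for MASQ rules whose -d lies inside the -s
network; FIXED_RULE is a constructed rule, not taken from the post.

```shell
#!/bin/sh
# Added example, not the poster's code: static lint for ipchains MASQ rules.
# Reads rule lines on stdin and prints one finding per line (no output = clean).
lint_masq_rules() {
    awk '
    # Dotted-quad part of addr/len as a 32-bit integer.
    function addr(c,  p, o) {
        split(c, p, "/"); split(p[1], o, ".")
        return ((o[1] * 256 + o[2]) * 256 + o[3]) * 256 + o[4]
    }
    # Prefix length; a bare address counts as /32.
    function plen(c,  p) { return ((split(c, p, "/") > 1) ? p[2] + 0 : 32) }
    # Network base of integer address a under a len-bit mask.
    function net(a, len,  size) { size = 2 ^ (32 - len); return int(a / size) * size }

    /ipchains/ && /-A[ \t]+forward/ && /-j[ \t]+MASQ/ && !/^[ \t]*#/ {
        src = "0.0.0.0/0"; dst = "0.0.0.0/0"      # ipchains defaults when omitted
        for (i = 1; i < NF; i++) {
            if ($i == "-s") src = $(i + 1)
            if ($i == "-d") dst = $(i + 1)
        }
        masq++
        if (plen(dst) == 0) { any++; next }       # matches Internet-bound traffic
        # Destination sits inside the source network: LAN-to-LAN only.
        if (plen(dst) >= plen(src) && net(addr(dst), plen(src)) == net(addr(src), plen(src)))
            print "INTERNAL_DST " dst " within " src
    }
    END { if (masq && !any) print "NO_DEFAULT_MASQ" }
    '
}

# The two MASQ rules from the script above.
PAGE_RULES='/sbin/ipchains -A forward -s 192.168.0.1/24 -d 192.168.0.2/32 -j MASQ
/sbin/ipchains -A forward -s 192.168.0.1/24 -d 192.168.0.3/32 -j MASQ'
# Constructed rule (assumption): masquerade everything the LAN sends outward.
FIXED_RULE='/sbin/ipchains -A forward -s 192.168.0.0/24 -d 0.0.0.0/0 -j MASQ'

printf '%s\n' "$PAGE_RULES" | lint_masq_rules
printf '%s\n' "$FIXED_RULE" | lint_masq_rules
```

The linter only reads rule text, so it can be run against rc.firewall itself
(lint_masq_rules < rc.firewall) without loading any rules into the kernel.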