Hi all, Ive used the control panel to do this , and it works...sorta what I did... and it may not be the right way
I assume the inet address on the local network is fixed use the control panel to enable connection sharing, now when idid this it set both eth ports to use dynamic addressing...so go back into the network setup and put back in the ip address for the second card. then go into the security bit and let every thing thru.... just like a barn door ! now edit /etc/Bastille/bastille-netfilter.cfg ( i think that the right name, but you cant miss it its the only one that looks like it) read it carefully..very...make sure the public address and internal addresses are correct go down the file and set which ports you want open on each of your interfaces. the file comments are very clear, and the masquerading port is also setup from there. Always make anyfurther modifications from there. read the bastille file in /etc/inet.d and just check wher its config file is, it will point eventuall to the bastill-<something>.cfg in /etc/Bastille/ you can stop and start the firewall the nice way,,,,but to hell with that !,,,,just cross your fingers and type "reboot" you can check your success with ./iptables status.. HTH I'lll go and polish the spurs :) Quintin Holmberg wrote: > > Leif, > THE WAY I DO IT: > There are howto's on iptables at: > http://netfilter.samba.org/unreliable-guides/ > > The one you are most interested in is the NAT-Howto although a good read > through the networking concepts and packet filtering howto will give you a > wealth of background information that you will find useful in present and > future. I highly recommend that you read them as well. In the NAT howto > you will find a section about masquerading. This is essentially what you > want to do. > > Additionally, at www.linuxdoc.org there are 2 howto's to read. They are the > firewalling howto and the masquerading howto. These use the 2.0 kernel > ipchains firewalling tool where you will use the iptables tool at Rusty's > guides but there is other configuration information you will need from them > as well as useful background information. One note on these -- there is no > need to rebuild the kernel unless you want to for security, performance or > educational reasons (in which case, read the Kernel howto as well). The > stock LM8.1 kernel comes with all the modules you need. > > Yes there is a lot of reading and learning to be done but I found it well > worth it. > > ANOTHER POSSIBLE OPTION: > In the Mandrake Control Center, under Network & Internet, there is a > configuration wizard for Connection Sharing. Theoretically, this should > also accomplish the goal in a quick and easy fashion. I have never used > this so I cannot validate how well it works or what security concerns there > might be. > > -- > Quintin -- Richard Bown Ericsson Microwave Systems AB SE-431 84 M�lndal e-mail [EMAIL PROTECTED] tel +46 31 74 72422 mobile +46 7098 72422
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
