Install iptables
set up this with the following settings:
==============================================
cat /etc/sysconfig/iptables
# Generated by iptables-save v1.2.2 on Sat May 4 15:14:59 2002
*mangle
:PREROUTING ACCEPT [4617:230632]
:OUTPUT ACCEPT [5179:272908]
COMMIT
# Completed on Sat May 4 15:14:59 2002
# Generated by iptables-save v1.2.2 on Sat May 4 15:14:59 2002
*filter
:INPUT ACCEPT [2212:132500]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:272908]
-A INPUT -i eth1 -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -i eth1 -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -i eth1 -p tcp -m tcp --sport 68 --dport 67 -j ACCEPT
-A INPUT -i eth1 -p udp -m udp --sport 68 --dport 67 -j ACCEPT
-A INPUT -i eth1 -p udp -m udp --sport 67 --dport 68 -j ACCEPT
-A INPUT -i eth1 -p tcp -m tcp --sport 67 --dport 68 -j ACCEPT
-A INPUT -i ppp0 -p tcp -m tcp --dport 0:1024 -j DROP
-A INPUT -i ppp0 -p tcp -m tcp --dport 1723 -j DROP
-A INPUT -i ppp0 -p tcp -m tcp --dport 2401 -j DROP
-A INPUT -i ppp0 -p tcp -m tcp --dport 3306 -j DROP
-A INPUT -i ppp0 -p tcp -m tcp --dport 5432 -j DROP
-A INPUT -i ppp0 -p tcp -m tcp --dport 6000 -j DROP
-A INPUT -i ppp0 -p tcp -m tcp --dport 32770 -j DROP
-A FORWARD -s 192.168.0.0/255.255.255.0 -j ACCEPT
COMMIT
# Completed on Sat May 4 15:14:59 2002
# Generated by iptables-save v1.2.2 on Sat May 4 15:14:59 2002
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [25:1986]
:OUTPUT ACCEPT [3068:170538]
-A POSTROUTING -s 192.168.0.0/24 -o ppp0 -j MASQUERADE
COMMIT
# Completed on Sat May 4 15:14:59 2002
===========================================
cat /etc/sysconfig/iptables.cfg
#!/bin/sh
export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/root/bin
#MRS
#iptables-restore /etc/sysconfig/iptables_rules.cfg
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 1 > /proc/sys/net/ipv4/ip_dynaddr
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
echo 1 > /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses
echo 1 > /proc/sys/net/ipv4/conf/all/secure_redirects
echo 1 > /proc/sys/net/ipv4/conf/all/send_redirects
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
echo 1 > /proc/sys/net/ipv4/conf/all/accept_source_route
echo 1 > /proc/sys/net/ipv4/conf/all/forwarding
echo 0 > /proc/sys/net/ipv4/conf/all/log_martians
echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter
echo 65536 > /proc/sys/net/ipv4/route/max_size
echo 262144 > /proc/sys/net/core/optmem_max
echo 262144 > /proc/sys/net/core/rmem_default
echo 262144 > /proc/sys/net/core/rmem_max
echo 262144 > /proc/sys/net/core/wmem_default
echo 262144 > /proc/sys/net/core/wmem_default
echo 262144 > /proc/sys/net/core/wmem_max
echo 500 > /proc/sys/net/core/netdev_max_backlog
===================================================
cat /etc/ppp/peers/isp
idle 600
/dev/modem 115200
connect "/usr/sbin/chat -v -f /etc/sysconfig/network-scripts/chat-isp"
noauth
user **YOUR USER**
defaultroute
usepeerdns
192.168.0.1:
domain YOURDOMAIN.net
demand
ipcp-accept-local
ipcp-accept-remote
holdoff 60
maxfail 0
================================================
cat /etc/sysconfig/network-scripts/chat-isp
ECHO ON
'TIMEOUT' '40'
'ABORT' 'BUSY'
'ABORT' 'ERROR'
'ABORT' 'NO CARRIER'
'ABORT' 'NO DIALTONE'
'ABORT' 'Invalid Login'
'ABORT' 'Login incorrect'
'ABORT' 'Authentication failed'
'' 'AT'
'OK' 'ATZ'
'OK' 'ATX3'
'OK' 'AT&F1'
SAY "DAILING"
'OK' 'ATDT***YOUR ISP PHONE***'
SAY "EXPECTING CONNECT"
'CONNECT' ''
========================
cat /etc/ppp/ip-up.local
#!/bin/sh
case $1 in
ppp0)
logger -it ip-up.local Cargando nuevamente la configuracion de iptables
echo "#### Cargando nuevamente la configuracion de iptables"|write YOUR_USER
service iptables start
logger -it ip-up.local Comenzando comandos personalizados
echo "#### Comenzando comandos personalizados"|write YOUR_USER
/usr/bin/fetchmail &&
logger -it ip-up.local Forzada el la recepción de mails via fetchmail ||
logger -it ip-up.local Fallo el la recepción de mails via fetchmail! ||
/usr/sbin/sendmail -q &&
logger -it ip-up.local Forzada el despacho de mails via sendmail
echo "#### Fin comandos personalizados"|write YOUR_USER
;;
esac
exit 0
=========================
or read this http://www.logontosurf.com/
Later,
MS
On Fri, 2002-11-22 at 14:08, Praedor Atrebates wrote:
I am running into a bit trouble trying to setup connection sharing on an 8.2 system. I have tried using the DrakConf connection sharing wizard but it fails to work for me. In any case, I cannot share the connection in the way it wants to set it up. I have a modem connection to the internet and a wireless connection between my desktop and laptop. The thing is, my laptop HAS to be the wireless AP even though it is not the gateway to the internet in this setup because my laptop has a prism2-based wlan card that can use the hostap driver. The desktop has a linksys USB wlan device that cannot use the hostap driver. I do not believe it is possible to setup an ad-hoc wlan network that can network share. Thus, my laptop wlan card is the AP running dhcpd assigning an IP to the desktop's wlan device but the desktop has the modem and has to act as the gateway to the internet. How do I do this? Setting up a shared connection with the wizard tries to make the desktop act as both the dhcp server (and thus AP) and the inet gateway. On the laptop I set the ip to 10.0.0.1 and setup dhcpd to give 10.0.0.5 to my desktop. This works and I can communicate and file transfer between the two systems via wlan. What I cannot do yet is make a modem connection to the internet on the desktop and then access the internet, period. Even though I am connected to the net neither the desktop nor laptop can access it thus far. Something is not setup right somewhere but I am at a loss to correct it. Can anyone here advise me? praedor
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
|
-- Manuel Soto <[EMAIL PROTECTED]> |
