RE: IP_Masq to hell and back

Mjo Sat, 18 Nov 2000 09:16:03 -0800
Well, I got it to work this morning but I'm not happy about how.
I found a radio button for it in drakeconf->network config->server tasks->
internet sevices.  I clicked it and now it works.  It was not clicked when it
worked before.  It set it all up and now my ipchains -L looks like this:

[root@SERVO /root]# ipchains -L
Chain input (policy ACCEPT):
target     prot opt     source                destination           ports
ACCEPT     all  ---f--  anywhere             anywhere              n/a
ACCEPT     all  ------  anywhere             anywhere              n/a
ACCEPT     all  ------  anywhere             anywhere              n/a
i_ppp0     all  ------  anywhere             anywhere              n/a
ACCEPT     icmp ------  anywhere             anywhere              any ->   any
Chain forward (policy ACCEPT):
target     prot opt     source                destination           ports
MASQ       all  ------  192.168.0.0/24       anywhere              n/a
MASQ       all  ------  anywhere             192.168.0.0/24        n/a
DENY       all  ----l-  anywhere             anywhere              n/a
Chain output (policy ACCEPT):
target     prot opt     source                destination           ports
o_ppp0     all  ------  anywhere             anywhere              n/a
ACCEPT     all  ------  anywhere             anywhere              n/a
Chain i_ppp0 (1 references):
target     prot opt     source                destination           ports
DENY       all  ----l-  04-158.089.popsite.net anywhere              n/a
ACCEPT     icmp ------  anywhere             04-158.089.popsite.net  any ->   any
DENY       icmp ----l-  anywhere             anywhere              any ->   any
DENY       tcp  ----l-  anywhere             04-158.089.popsite.net  any ->   mysql
DENY       tcp  ----l-  anywhere             04-158.089.popsite.net  any ->   6000
DENY       tcp  ----l-  anywhere             04-158.089.popsite.net  any ->   8021
DENY       tcp  ----l-  anywhere             04-158.089.popsite.net  any ->   10000
DENY       udp  ----l-  anywhere             04-158.089.popsite.net  any ->   10000
ACCEPT     tcp  ------  anywhere             04-158.089.popsite.net  any ->   
1024:65535
ACCEPT     udp  ------  anywhere             04-158.089.popsite.net  any ->   
1024:65535
DENY       all  ----l-  anywhere             anywhere              n/a
Chain o_ppp0 (1 references):
target     prot opt     source                destination           ports
ACCEPT     all  ------  04-158.089.popsite.net anywhere              n/a
DENY       all  ----l-  anywhere             anywhere              n/a
[root@SERVO /root]# 


We have 3 machines here.  Mine, which is the one routing it all out, Ryan's, and
my parents'.  192.168.0.1, 192.168.0.2 and 192.168.0.3 respectively.   I would
swear all I used last week was: 

ipchains -P forward DENY  
ipchains -A forward -s 192.168.0.1/24 -d 0/0 -j MASQ    

The O'Reilly example used someone with 192.168.1.0 as the router ip, and used
ipchains -A forward -s 192.168.1.0/24 -d 0/0 -j MASQ .  I suppose the first
time I could have transposed the 0 & 1 if that would have made it work which
wouldn't make sense to me but hey.   

I'm really glad it's working again but I'd like to understand what happened.
I'm putting Mandrake 7.2 onto another partition to play with it before I commit
to it (I was definitely too hasty in whiping out 7.1 yesterday).  I plan on
trying out the ipchains again there and seeing if I can't get it right again
manually.

-Mjo


-- 
Martha Jo McCarthy 
[EMAIL PROTECTED]  (alternate: [EMAIL PROTECTED])  



**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
RE: IP_Masq to hell and back

Reply via email to
