OK before u jum into NASA Tech...do this ping your internal machine from LRP yes or no ? no = fix it (cables, config etc..) ping internet from your lrp/internal machine yes or no ? no fix it ping LRP from anywhere out side of your network yes or no ? no = fix it.. (allow www trafic with 0.0.0.0/0 your lrp and internal web_computer)
if you have no way out... do this ipchains -P forward ACCEPT ipchains -P input ACCEPT ipchains -P output ACCEPT ipchains -F ipchains -A forward -j MASQ -s 10.0.0.0/8 -d 0/0 -i eth0 this time portforward by hand ipmasqadm portfw -a -P tcp -L 111.222.333.444 80 -R 10.24.33.150 80 if u want now do ipchains -P forward DENY goto a internet_cafe...fireup IE6/netscape of what every type your ip address http://111.222.333.444 remember you are not allowed to do that form your internal Network OK...Please remember... then u have to do by http://10.24.33.150 u know what I mean... thats it baby... once everything working don't drink beer...time to setup your firewall rules in /etc/ipfilter.conf be sure to check /etc/network.conf too... if u still have a problem...talk to Charles, James...like real teches...or hire me...heheheeh good luck.. Upnet Joe ----- Original Message ----- From: "barwals" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Saturday, March 09, 2002 6:24 AM Subject: [Leaf-user] Please Please Help me...! > Hi everybody, > > Please Please help me....! I'm trying to do it since last One month but could not then only I have sent a mail to this mailing list. > > I 'm running the Dachstein LEAF firewall. I'm not able to forwarding the > external traffice which is coming to my valid IPaddr (eth0) to my internal > web server which is a windows 2000 server. I have allready gone through all > the related mailing list archive but could not solve the problem and hence > I'm writing to this list. The error I'm getting in my browser is "Connection > faild".... "Connection timed out". > > My configuration is as follows. > > EXTERN_IP=111.222.333.444 > EXTERN_IF =eth0 > INTERNAL_IP=10.24.33.224 > INTERNAL_IF =eth1 > INT_NET = 10.0.0.0/8 > IPFWDING_KERNEL= FILTER_ON > IPALWAYSDEFRAG_KERNEL = YES > CONFIG_HOSTNAME = YES > CONFIG_HOSTSFILE = YES > CONFIG_DNS = NO > IPFILTER_SWITCH = firewall > SNMP_BLOCK = YES > EXTERN_DHCP = NO > EXTERN_DHCP = NO > EXTERN_TCP_PORT0="0/0 www 111.222.333.444" > INTERN_SERVERS="tcp_111.222.333.444_www_10.24.33.150_www" > > My IPCHAINS RULES looks like they are accepting the connection at > 111.222.333.444. But could not find the solution. Could anybody help me in > that regard. > When I see in weblet through brouser I'm seeing this. > > but no byte(packet) in Chain port forward policy. > > > :: Masqueraded Connections :: > IP masquerading entries > prot expire source destination ports > tcp 0:58.64 10.24.33.150 203.163.160.2 80 2678 (80) > > > > > Regards . > Thanks. > > Sudhir > > > Get Your Private, Free E-mail from Indiatimes at http://email.indiatimes.com > > Buy Music, Video, CD-ROM, Audio-Books and Music Accessories from http://www.planetm.co.in > > > _______________________________________________ > Leaf-user mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/leaf-user _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
