Dave
Here's the current settings at the time of the other output.
[root@nubble /etc]\% /sbin/ipchains -n -L
Chain input (policy DENY):
target prot opt source destination
ports
ACCEPT all ------ 192.168.0.0/24 0.0.0.0/0 n/a
ACCEPT all ------ 127.0.0.1 0.0.0.0/0 n/a
Chain forward (policy DENY):
target prot opt source destination
ports
MASQ all ------ 192.168.0.0/24 0.0.0.0/0 n/a
Chain output (policy ACCEPT):
[root@nubble /etc]\%
/sbin/ipchains -P input DENY
/sbin/ipchains -P output DENY
/sbin/ipchains -P forward DENY
/sbin/ipchains -F input
/sbin/ipchains -F output
/sbin/ipchains -F forward
/sbin/ipchains -A forward -s 192.168.0.0/24 -j MASQ
/sbin/ipchains -A input -s 192.168.0.0/24 -j ACCEPT
/sbin/ipchains -A input -i lo -j ACCEPT
/sbin/ipchains -P output ACCEPT
Dave Delage wrote:
>
> What do your ipchains rules look like? A good place to start is with
> Rusty's Three-Line Guide To Masquerading at
> http://www.rustcorp.com/linux/ipchains/HOWTO-3.html#ss3.1
> That's basically all it took for my setup, which is remarkably similar
> to yours, including the ISP.
>
> Dave
>
> Jamby wrote:
> >
> > Howdy
> >
> > I have a network with a router, the router is a
> > dell/100/pent/rh6.1 with named, diald and ipchains. When I original set
> > this up it appeared to be very close to what I wanted except for setting
> > the ipchains rules. But along the way I have screwed it up till I have
> > no idea what's wrong.
> >
> > example: this is the output of route -n when diald has connected to the
> > ISP.
> > [root@nubble rc.d]\% /sbin/route -n
> > Kernel IP routing table
> > Destination Gateway Genmask Flags Metric Ref Use
> > Iface
> > 192.168.0.1 0.0.0.0 255.255.255.255 UH 0 0 0
> > eth0
> > 168.121.1.1 0.0.0.0 255.255.255.255 UH 0 0 0
> > ppp0
> > 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0
> > eth0
> > 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0
> > lo
> > 0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0
> > ppp0
> > [root@nubble
> > rc.d]\%
> >
> > I would expect the ppp0 at the bottom to have a gateway defined.
> >
> > example: from the /var/log/messages file.
> > Mar 1 12:36:52 nubble diald[8178]: new state START_LINK action
> > 0x80514d0 timeout 60
> > Mar 1 12:36:52 nubble diald[8178]: Connected to site 10.0.0.2
> > Mar 1 12:36:52 nubble diald[8178]: Running pppd (pid = 8189).
> > Mar 1 12:36:52 nubble diald[8189]: Running pppd: /usr/sbin/pppd
> > -defaultroute -detach modem crtscts mtu 1500 mru 1500 ktune
> > Mar 1 12:36:52 nubble pppd[8189]: pppd 2.3.10 started by root, uid 0
> > Mar 1 12:36:52 nubble pppd[8189]: Using interface ppp0
> > Mar 1 12:36:52 nubble pppd[8189]: Connect: ppp0 <--> /dev/ttyS1
> > Mar 1 12:36:55 nubble diald[8178]: filter accepted rule 1 proto
> > 134639784 len 63 packet 10.0.0.1,53 => 198.17.208.67,53
> > Mar 1 12:36:56 nubble pppd[8189]: local IP address 165.121.33.123
> > Mar 1 12:36:56 nubble pppd[8189]: remote IP address 168.121.1.1
> > Mar 1 12:36:57 nubble diald[8178]: New addresses: local 165.121.33.123,
> > remote 168.121.1.1, broadcast 0.0.0.0
> >
> > During this connection neither the other network machine (win98box) nor
> > the router (using lynx) could connect to the internet. And the router
> > cannot ping my ISP DSN severs.
> >
> > Any suggestions would be most appreciated.
> > Jim H.
> >
> > Mailed with Netscape 4.7 on RedHat Linux 6.1
> > 2000 years ago the Egyptians treated cats as Gods.
> > They never got over it.
> >
> > -
> > To unsubscribe from this list: send the line "unsubscribe linux-diald" in
> > the body of a message to [EMAIL PROTECTED]
--
,''',''',
',''',''','
___
_/___\_
_|_O_|_
/ \
_/ \_
| |
^^^^^^^^^^^^^^^^^^^^
www.light-by-the-sea.com
vp in charge of technical screw ups
Jim H.
Mailed with Netscape 4.7 on RedHat Linux 6.1
2000 years ago the Egyptians treated cats as Gods.
They never got over it.
-
To unsubscribe from this list: send the line "unsubscribe linux-diald" in
the body of a message to [EMAIL PROTECTED]
