Hey to all,
This if maybe off topic, but i know that very much ppp-admins use IP-MASQ.
I'm installing RH6.0 on a Pentium (This must replace an older RH4.2 on a
486)
I'm using ip-masquerading for the users who dailin and so they will be
connected to the intranet of the company.
At the older machine (ipfwadm) , everything worked. Here is my old
configuration :
echo "Install ip-firewall & ip-masquarading" >> /var/log/messages
/sbin/ipfwadm -F -p deny
/sbin/ipfwadm -F -a m -b -Saaa.bbb.ccc.ddd/32 -Dxxx.yyy.0.0/16
/sbin/ipfwadm -F -a m -b -Saaa.bbb.ccc.ddd/32 -Dxxx.zzz.0.0/16
I translate this to the new machine (ipchains), like this :
echo "Install ip-firewall & ip-masquarading" >> /var/log/messages
/sbin/ipchains -A forward -b -s aaa.bbb.ccc.ddd/32 -d xxx.yyy.0.0/16 -j
MASQ
/sbin/ipchains -A forward -b -s aaa.bbb.ccc.ddd/32 -d xxx.zzz.0.0/16 -j
MASQ
/sbin/ipchains -A forward -j REJECT
It won't work. Am i missing something ?
The kernel is compiled with CONFIG_IP_MASQUERADE.
If i do ' ipchains -L -M' i got no entrys.
but if i do 'ipchains -L' , i got :
Chain input (policy ACCEPT):
target prot opt source destination ports
ACCEPT all ---f-- anywhere anywhere n/a
acctin all ------ anywhere anywhere n/a
acctboth all ------ anywhere anywhere n/a
inp all ------ anywhere anywhere n/a
Chain forward (policy ACCEPT):
target prot opt source destination ports
MASQ all ------ aaa.bbb.ccc.ddd xxx.zzz.0.0/16 n/a
MASQ all ------ xxx.zzz.0.0/16 aaa.bbb.ccc.ddd n/a
MASQ all ------ xxx.yyy.0.0/16 aaa.bbb.ccc.ddd n/a
MASQ all ------ aaa.bbb.ccc.ddd xxx.yyy.0.0/16 n/a
ACCEPT all ---f-- anywhere anywhere n/a
Chain output (policy ACCEPT):
target prot opt source destination ports
ACCEPT all ---f-- anywhere anywhere n/a
acctout all ------ anywhere anywhere n/a
acctboth all ------ anywhere anywhere n/a
out all ------ anywhere anywhere n/a
Chain acctin (1 references):
Chain acctout (1 references):
Chain acctboth (2 references):
Chain inp (1 references):
Chain out (1 references):
Chain fwd (0 references):
Chain IpFwAdM! (0 references):
target prot opt source destination ports
- all ------ anywhere anywhere n/a
- all ------ anywhere anywhere n/a
Peter
PLEASE IGNORE THIS DISCLAIMER. THIS IS A TERRIBLE BAD JOKE FROM OUR
MAIL-SERVER SYSADMIN. SORRY.
**** DISCLAIMER ****
"This e-mail and any attachments thereto may contain information
which is confidential and/or protected by intellectual property
rights and are intended for the sole use of the recipient(s) named above.
Any use of the information contained herein (including, but not limited to,
total or partial reproduction, communication or distribution in any form)
by persons other than the designated recipient(s) is prohibited.
If you have received this e-mail in error, please notify the sender either
by telephone or by e-mail and delete the material from any computer.
Thank you for your cooperation."
-
To unsubscribe from this list: send the line "unsubscribe linux-ppp" in
the body of a message to [EMAIL PROTECTED]
