On 08/07/2012 12:13 PM, Kakuru Peter wrote:
Greetings all.
Am stuck and need some help. Trying to set up a gateway on a small
network. I have installed Ubuntu on my box and shorewall as the firewall.
All configuration settings seem ok as per the documentation.
Given the external interface IP provided by my ISP.... When i connect
IDU unit to this interface, am able to surf off the machine. When I
connect 2nd interface to the switch, am not able to surf on this very
machine. With this setup, I can also ping the gateway from other
machines on the network but NOT able to surf.
Any pointers on what i should look out for?
simpe as is, working under Ubuntu
as root::
apt-get install iptabes
Make is shell script like::
echo 1 > /proc/sys/net/ipv4/ip_forward
IP=/sbin/iptables
$IP -t nat -A POSTROUTING -o eth0 -j MASQUERADE
$IP -A FORWARD -i eth1 -o eth0 -m state --state RELATED,ESTABLISHED -j
ACCEPT
$IP -A FORWARD -i eth1 -o eth0 -j ACCEPT
run the script
run tcpdump on eth0 en eth1 to check your traffic. maybe create more
complex rules later....
maybe:
- install fwbuilder as gui.
- put above lines to /etc/rc.local to enable the firewall @boottime
- enable serial acces to box if it has no keyboard/monitor (firewall
games seem to lock me out every now and then.
I hope this helps,
3ct Marten
Regards,
P.
_______________________________________________
The Uganda Linux User Group: http://linux.or.ug
Send messages to this mailing list by addressing e-mails to: [email protected]
Mailing list archives: http://www.mail-archive.com/[email protected]/
Mailing list settings: http://kym.net/mailman/listinfo/lug
To unsubscribe: http://kym.net/mailman/options/lug
The Uganda LUG mailing list is generously hosted by INFOCOM:
http://www.infocom.co.ug/
The above comments and data are owned by whoever posted them (including
attachments if any). The mailing list host is not responsible for them in any
way.
_______________________________________________
The Uganda Linux User Group: http://linux.or.ug
Send messages to this mailing list by addressing e-mails to: [email protected]
Mailing list archives: http://www.mail-archive.com/[email protected]/
Mailing list settings: http://kym.net/mailman/listinfo/lug
To unsubscribe: http://kym.net/mailman/options/lug
The Uganda LUG mailing list is generously hosted by INFOCOM:
http://www.infocom.co.ug/
The above comments and data are owned by whoever posted them (including
attachments if any). The mailing list host is not responsible for them in any
way.
