>I have IP forwarding attached to my linux box at 192.168.1.10. I can ping
>all my local boxes from that box and all boxes on the local lan can get to
>the internet using .1.10 as the gateway machine.
>
>The ipfwadm rule I am using is as follows, with the link out being a ppp0
>link
>
>-F -a m -S 192.168.1.10/24
I use the network number here, not the IP address; I don't know what
it does with the extra bits (i.e. 192.168.1.0/24 instead of
192.168.1.10/24).
Are the machines inside the local network being properly masqueraded?
You can telnet, ping, etc. out through the linux box, just not *to* it?
[Jann Linder] yup That is right..
>I CAN get to the 'net via the linux box as well...
>
Good.
[Jann Linder] Yup.. it is good
>The ONLY thing I cannot do is ping the linux box from anywhere on the
>lan...i also cannot ftp to it...
>
how about telnet or any of the other services in inetd?
[Jann Linder] no..none of the services TO the gateway box work except
forwarding.
>Is this normal? if not, how do i assign another ip address to that
>ethernet card on the linux box so i can get to it from the lan?
>
You should be able to use the linux box normally if everything is
configured properly. Can you ping or ftp the linux box from the linux box
itself? (ping localhost or ftp localhost) What happens if you turn all
forwarding off (using ipfwadm)?
[Jann Linder] What is the command to turn them all off (ipfwadm -F -f?)
...and What is the significance of the -F -p deny command if I may ask? I
read the manpage but it seems to contradict itself...
It seems to say that it changes the default action...ie if no rule is
found.
Does that mean that if I tell the machines on the lan that the gateway is
1.10 and setup the following rules :
/sbin/ipfwadm -F -f
/sbin/ipfwadm -F -p deny
/sbin/ipfwadm -F -a m -S 192.168.1.0/24 -D 0.0.0.0/0
it will check to see if the ip is from ANYWHERE on the lan (ie the 1.0
network) and forward them ALL out the firewall?... if so, the question is:
how do i direct it not to forward any requests for the internal ethernet.
my routing is as follows:
ps: the only rules w/ipfwadm i use right now is the last one from the
section above...i do not use -F -p deny right now as i didn't know if it
was necessary
Leaving out the Metric, Ref and Use as they would not tell you anything--
Destination       Gateway            Genmask          Flags  Iface
mg134-198.domain  *                  255.255.255.255  UH     ppp0
192.168.1.0       *                  255.255.255.0    U      eth0
127.0.0.0         *                  255.0.0.0        U      lo
default           mg134-198..domain  0.0.0.0          UG     ppp0
the first and last were added when the following pppd command was given to
set up the modem
pppd connect 'chat -v "" ATZ "OK" ATDT*number* "~" ""' /dev/cua0 57600
modem lock debug crtscts defaultroute
Is this correct?
Thanks in advance for all the help.
Jann
-Mike
[EMAIL PROTECTED]