Help!! I have no hair left! I have been over the HOWTO, most examples I can find and I still can't get things working entirely correctly.

I've looked in the archives, and that's gotten me about 95% of the way. But that last 5% is killing me.

external net-----firewall/dns-----internal net

I'd like anything sourced from inside to be able to get outside. I'd like nothing outside to be able to get in, other than traffic that originated from inside. I'd like ssh to be accepted from only internal connections. I want all my internal network machines to use the DNS on the firewall. The DNS on the firewall is pointing to a "real" internet DNS server. I want all my machines to be NAT'ed going through the firewall out to the internet.

I have a cable modem with a dynamically assigned IP address, and depending on what range I get assigned to, I may end up with different DNS servers. I'd like my internal machines to use the firewall as the DNS server, and have the firewall actually do the requesting out to the internet.

I can surf the internet from the Linux firewall/dns box. I can get as far as being able to ping real IP addresses on the internet from any internal machine, but I can't ping DNS names of those same sites. Obviously, I don't quite have things set up correctly. Also, I can't get ssh to be accepted; PuTTY gives me an error that "Software caused connection abort."

BTW, most internal machines are Windoze2000 or XP. There are one or two crazy people that run Linux on their desktop (me included...) But I'm not too concerned, because I think the problem is in how the iptables rules are accepting requests on port 53, right?

Please help!

Thanks,
Paul
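
A ruleset matching the policy described in the message above, as an added example that is not part of the original post: DNS and ssh requests addressed to the firewall itself go through the INPUT chain, while NATed traffic for the internet goes through FORWARD. The interface names (eth0 external, eth1 internal) and the subnet 192.168.1.0/24 are assumptions.

```shell
#!/bin/sh
# Added example: print an iptables-restore ruleset for the policy in the post.
# Interface names and the LAN subnet are assumptions; pass your own values.
gen_rules() {
    ext_if=$1   # interface facing the cable modem (assumed, e.g. eth0)
    int_if=$2   # interface facing the internal network (assumed, e.g. eth1)
    lan=$3      # internal subnet in CIDR form (assumed, e.g. 192.168.1.0/24)
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# MASQUERADE follows whatever address is assigned to the external interface
-A POSTROUTING -s $lan -o $ext_if -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Traffic addressed to the firewall itself (local DNS server, sshd)
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $int_if -s $lan -p udp --dport 53 -j ACCEPT
-A INPUT -i $int_if -s $lan -p tcp --dport 53 -j ACCEPT
-A INPUT -i $int_if -s $lan -p tcp --dport 22 -j ACCEPT
-A INPUT -i $int_if -s $lan -p icmp --icmp-type echo-request -j ACCEPT
# Traffic routed through the firewall: out freely, back in only as replies
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $int_if -o $ext_if -s $lan -j ACCEPT
COMMIT
EOF
}

# Stand-alone use: sh gen.sh eth0 eth1 192.168.1.0/24 | iptables-restore
if [ "$#" -eq 3 ]; then
    gen_rules "$@"
fi
```

The firewall's own lookups to the upstream DNS server leave through the OUTPUT chain (policy ACCEPT), and the answers return under the ESTABLISHED,RELATED rule in INPUT.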