There is no compilation of gShield.. its just shell scripts.. just download the tarball from their site.. uncompress it (if you have midnight commander you can just press enter over the tarball to enter it and just copy the stuff into /etc/firewall with F5. if you don't have mc.. you should, urpmi mc) , and dump the lot in /etc/firewall then have a look in /etc/firewall/gShield.conf
Possibly the best config file I have seen for simplicity.. it tells you the options you can use, and the defaults are most often correct.. The ICS is in that config file.. select MULTI=YES, and further down NAT=YES then make sure that the network address in /etc/firewall/NATS matches your internal network.. (ie 192.168.0.0, 10.0.0.x etc) thats it... when gSheild is fired up, you'll have NAT,, nothing to it. repeat, THERE IS NO COMPILATION WITH gShield. rgds Franki -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of magnet Sent: Tuesday, 3 December 2002 9:39 AM To: [EMAIL PROTECTED] Subject: Re: [newbie] internet sharing help needed On Tuesday 03 Dec 2002 1:07 am, Brian Parish wrote: > On Tue, 2002-12-03 at 01:59, magnet wrote: > > Hi all, > > Well back from the dead once again after another fresh install following > > a lost battle trying to get a firewall installed and working, damn that > > shorewall! > > > > Machine is running mdk 9.0. So here is my question... How do I manually > > configure my main machine to share it's modem connection to the other 5 > > machines on my LAN? > > > > This is my /etc/sysconfig/network file: > > > > NETWORKING=yes > > FORWARD_IPV4=true > > HOSTNAME=linux1.local.net > > DOMAINNAME=local.net > > GATEWAY=192.168.0.1 > > GATEWAYDEV=ppp0 > > > > The other machines are all using the 192.168.0.xxx range and all point to > > 192.168.0.1 as the gateway they should be using. > > > > I do NOT want to use the control centre because it demands installing > > shorewall, which has been the biggest problem of all here causing no end > > of trouble with blocked ports, breaking samba and ftp. I simple hate it > > and the documentation isn't simple enough for me to understand how to > > write iptables rules yet to achieve a fully secure machine. > > > > Hope some of you will take the time to offer some advice on this. > > > > regards > > magnet > > I too gave up on shorewall. Grab gShield. Every feature you could wish > for. Configured with a single simple conf file. > You be up an sharing in about 2 minutes - 5 if you read the fine print. > > HTH > Brian Cheers Brian, but I tried the mandrake rpm files which failed, and then tried to compile gShield from source which also didn't go too well. Can you explain how you set your ICS up please. My current situation is shorewall is installed (by default as soon as I used MCC to enable internet sharing) but it set to not start up at boot in services. Did you uninstall shorewall completely and not use MCC to set-up/enable ICS and just depend on gShield to get the results you were after? If I enable it, then this system changes my static IP from the required 192.168.0.1 to 192.168.1.1. This then throws out the rest of the network for all the other stuff I am running (samba,ftp). Even though shorewall isn't running right now, it has killed proftpd, which cannot determine the IP of this machine and refuses to now start, even though ifconf confirms the IP to be 192.168.0.1. Squid also now complains on shutdown producing errors,although this doesn't seem to affect the machine's ability to reboot. regards magnet
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
