I can only get "damp-string" services here, so it's a bog slow 56k connection here :( Didn't really want to start it up every time I make a connection, but I'd prefer to have it running at boot time. Looks like it will have to be an entry in etc/rd.d/rc.local. The GUI is quite comprehensive and has mouse pop-over help for almost all the entries you can make from it. Seems well thought out. I'd say it was worth a look at if you are interested, although it isn't strictly necessary to getting gShield up and running. You can achieve the same from just loading the config file into vi.
regards magnet On Tuesday 03 Dec 2002 4:27 pm, Franki wrote: > What is your connection??? > > When I had dialup.. I created files in /etc/ppp > called: > > ip-up.local > and > ip-down.local > > Those files are automatically run when the connection goes up or down.. > > in ip-up.local I put this line: > /etc/firewall/gShield.rc > > > That brings the firewall up when the connection goes up. > > if you have cable or dsl.. > you can put it at the end of the file /etc/rc.d/rc.local > > which will bring it up at the end of the boot process. > > I have it in both because I use pppoe for my ADSL... > > can't hurt any for you to do the same.. been running it this way for years > now with no problems.. > > > Doesn't gSheild just rule??? :-) > > I've never seen the GUI config.. whats it like???? > > rgds > > Frank > > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of magnet > Sent: Tuesday, 3 December 2002 8:54 PM > To: [EMAIL PROTECTED] > Subject: Re: [newbie] internet sharing help needed > > > Hi Franki, > > It was late and I was getting tired when I tried it last. You are, of > course correct about gShield just being a script. I was getting confused > with the tar file configuration GUI that is an optional extra, which has to > be made. > > Anyway, here is a brief "what I did" for anyone else reading this. Got the > GUI > to compile and install >AFTER< placing gShield scripts in /etc/firewall and > editing gShield.conf file to suit my IP ranges. > Fired it up and amazing... it started to work right away :) > > Now... last few questions for this query... > Can I now uninstall shorewall from this machine. it isnt running anyway and > I > don't ever plan to use it EVER again after the last few weeks of grief it > has > caused me? ;-) > How do get the gShield.rc script to be executed on booting the machine > rather > than opening up a console as su and typing /etc/firewall/gShield.rc each > time? > > regards > magnet > > ===================================================== > > On Tuesday 03 Dec 2002 6:19 am, Franki wrote: > > There is no compilation of gShield.. its just shell scripts.. > > > > just download the tarball from their site.. uncompress it (if you have > > midnight commander you can just press enter over the tarball to enter it > > and just copy the stuff into /etc/firewall with F5. if you don't have > > mc.. you should, urpmi mc) > > , and dump the lot in /etc/firewall then have a look in > > /etc/firewall/gShield.conf > > > > Possibly the best config file I have seen for simplicity.. it tells you > > the > > > options you can use, and the defaults are most often correct.. > > > > The ICS is in that config file.. select MULTI=YES, and further down > > NAT=YES > > > then make sure that the network address in /etc/firewall/NATS matches > > your internal network.. (ie 192.168.0.0, 10.0.0.x etc) > > > > thats it... when gSheild is fired up, you'll have NAT,, nothing to it. > > > > repeat, THERE IS NO COMPILATION WITH gShield. > > > > rgds > > > > Franki > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED]]On Behalf Of magnet > > Sent: Tuesday, 3 December 2002 9:39 AM > > To: [EMAIL PROTECTED] > > Subject: Re: [newbie] internet sharing help needed > > > > On Tuesday 03 Dec 2002 1:07 am, Brian Parish wrote: > > > On Tue, 2002-12-03 at 01:59, magnet wrote: > > > > Hi all, > > > > Well back from the dead once again after another fresh install > > > > following a lost battle trying to get a firewall installed and > > working, > > > > > damn that shorewall! > > > > > > > > Machine is running mdk 9.0. So here is my question... How do I > > manually > > > > > configure my main machine to share it's modem connection to the other > > 5 > > > > > machines on my LAN? > > > > > > > > This is my /etc/sysconfig/network file: > > > > > > > > NETWORKING=yes > > > > FORWARD_IPV4=true > > > > HOSTNAME=linux1.local.net > > > > DOMAINNAME=local.net > > > > GATEWAY=192.168.0.1 > > > > GATEWAYDEV=ppp0 > > > > > > > > The other machines are all using the 192.168.0.xxx range and all > > > > point > > > > to > > > > > > 192.168.0.1 as the gateway they should be using. > > > > > > > > I do NOT want to use the control centre because it demands installing > > > > shorewall, which has been the biggest problem of all here causing no > > > > end of trouble with blocked ports, breaking samba and ftp. I simple > > > > hate it and the documentation isn't simple enough for me to > > > > understand how to write iptables rules yet to achieve a fully secure > > > > machine. > > > > > > > > Hope some of you will take the time to offer some advice on this. > > > > > > > > regards > > > > magnet > > > > > > I too gave up on shorewall. Grab gShield. Every feature you could > > > wish for. Configured with a single simple conf file. > > > You be up an sharing in about 2 minutes - 5 if you read the fine print. > > > > > > HTH > > > Brian > > > > Cheers Brian, but I tried the mandrake rpm files which failed, and then > > tried > > to compile gShield from source which also didn't go too well. Can you > > explain > > how you set your ICS up please. > > My current situation is shorewall is installed (by default as soon as I > > used MCC to enable internet sharing) but it set to not start up at boot > > in services. > > > > Did you uninstall shorewall completely and not use MCC to set-up/enable > > ICS > > > and just depend on gShield to get the results you were after? > > > > If I enable it, then this system changes my static IP from the required > > 192.168.0.1 to 192.168.1.1. This then throws out the rest of the network > > for all the other stuff I am running (samba,ftp). Even though shorewall > > isn't running right now, it has killed proftpd, which cannot determine > > the IP of this machine and refuses to now start, even though ifconf > > confirms the IP to be 192.168.0.1. Squid also now complains on shutdown > > producing errors,although this doesn't seem to affect the machine's > > ability to reboot. > > > > regards > > magnet
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
