Hi Paul and all, First, I would like to say thanks for all who help me before ! Thanks again !
Finally, I can set the IP-Table for the PPP server to use NAT function. I am using gShield to config it and it's very easy to use. But I got another problem after using it and the problem is I can't use telnet, email and browse the PPP server (PPP server installed telent, sendmail and samba service) using internal network (PPP server IP - 192.168.13.222 , internal PC IP - 192.168.13.220). Also, I was set the 192.168.13.222 as a DMZ already ! Can someone teach me where I can config the IP-Table and make all the internal PC can telent, browse and check email ? Thanks and regards, Kevin Chan <Paul Hamm Wrote:> > iptables it the firewall of choice on kernel 2.4. There is a very nice well > documented script to run iptables it is called gShield. Get it from here > http://muse.linuxmafia.org/gshield.html. Make sure that ipchains is turned > off and that iptables is turned on "> chkconfig --level 345 ipchains off" "> > chkconfig --level 345 iptables on". Then reboot you can do the rmmod insmod > if you like but rebooting works fine if you are not sure how. The main > configuration file for gShield is /etc/firewall/gShield.conf. Start gShield > by running "> /etc/firewall/gShield.rc" be sure to add this to a boot script > so it starts automatically /etc/rc.d/rc.local will do. Out of the tarball > gShield will give you a nice tight firewall configuration. Just check that > your internet and internal NICs are properly identified in the config file > and that your private IP network is configured in /etc/firewall/conf/NATS. > gShield has some settings for DMZ, DMZ is generally a third NIC in your > firewall that handles machines that need to be visible on the net but that > you want to keep away from your internal network. > > Kevin your diagram looks as though you have a network configuration issue on > the internal NIC you should have something like this the internal, private > ip network should be the same not mixed. > > +----------+ > | Internet | > +----------+ > | > +-----------------------------------------------+ > | PPP/Internet Interface(Some_Public_IP) | > | || | > | Firewall/Gateway server | > | || | > | Internal Network Interface (10.x.x.x) | > +-----------------------------------------------+ > | > +----------------------------+ > | Client machines (10.x.x.x) | > +----------------------------+ > > -----Original Message----- > From: Kevin Chan [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, February 20, 2002 10:41 PM > To: [EMAIL PROTECTED] > Subject: Can someone teach me how to set the IP-Table on RedHat 7.2 ? > > > Hi all, > > Can someone teach me how to set the IP-Table on RedHat 7.2 ? > > I would like to set the PPP Client IP-10.0.0.1 can browse interent through > PPP Server IP-192.168.13.222. The simple diagram as below : > > > Internet(0.0.0.0) > > | > > PPP Server-Internal Interface(192.168.13.222) > > | > > PPP Client (10.0.0.1) > > I was wrote the scripts on below files, but seem like don't work (p.s. these > scripts is working on RH 7.0): > > etc/ppp/ip-up.local > --------------------------- > #!/bin/bash > ipchains -A forward -s 10.0.01 -d 0/0 -j MASQ > exit 0 > > etc/ppp/ip-down.local > ------------------------------- > #!/bin/bash > ipchains -D forward -s 10.0.0.1 -d 0/0 -j MASQ > exit 0 > > Please teach me how & where I can set the IP-Table to solve my > problem........ thanks ! > > Best regards, > Kevin Chan _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
