LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 03-14-2004, 11:50 PM   #1
ryedunn
Member
 
Registered: Jul 2003
Location: Chicago
Distribution: Fedora, ubuntu
Posts: 458

Rep: Reputation: 30
Problems with iptables not allowing internet sharing.


both machines are able to ping each other when I type iptables -L I get the following:
Code:
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere            state ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            state ESTABLISHED
ACCEPT     udp  --  anywhere             anywhere            state ESTABLISHED
ACCEPT     all  --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ftp-data
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ftp
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh
LOG        all  --  anywhere             anywhere            limit: avg 3/sec burst 5 LOG level warning
DROP       all  --  anywhere             anywhere

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
LINUX
eth0 = linux internet connection
eth1 = linux lan 192.168.0.1

XP
LAN = 192.168.0.2
gateway = 192.168.0.1
Mask = 255.255.255.0

any suggestions?
Thank you
The GNUbie

Last edited by ryedunn; 03-14-2004 at 11:51 PM.
 
Old 03-15-2004, 12:10 AM   #2
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 57
Did you add rules to allow connection sharing? Simply doing iptables -L won't show the POSTROUTING table (where the connection sharing rules should be). Try doing:

iptables -t nat -L

If you haven't added any connection sharing rules, you'll need to either set up masquerading or SNAT. Which one you want depends on whether the linux box (eth0) gets a static or dynamic IP.
 
Old 03-15-2004, 06:28 AM   #3
ryedunn
Member
 
Registered: Jul 2003
Location: Chicago
Distribution: Fedora, ubuntu
Posts: 458

Original Poster
Rep: Reputation: 30
over my head

ok I know Im over my head with IPTABLES but Im hoping someone can help me as I need to get it running before the time it will take me to read the man on it.
the results of iptables -t nat -L are as follows:
Code:
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
MASQUERADE  all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
Again I dont know squat about Masquerading but to me that looks like it should be setup correctly? Is there something else I need to check?

Thank you,
The GNUbie
 
Old 03-15-2004, 08:30 AM   #4
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 57
OK, you got a Masquerading rule that looks alright, but you still don't have any forwarding rules to move packets from the internal interface to the external one and vice-versa. Add the following rules:

iptables -A FORWARD -i eth1 -o eth0 - j ACCEPT
iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT

Then make sure packet forwarding is on in the kernel:

echo "1" > /proc/sys/net/ipv4/ip_forward

If that doesn't work, do:
/usr/sbin/iptables-save > test

and post the contents of that
 
Old 03-15-2004, 08:56 AM   #5
ryedunn
Member
 
Registered: Jul 2003
Location: Chicago
Distribution: Fedora, ubuntu
Posts: 458

Original Poster
Rep: Reputation: 30
ok everything out on the table

ok here is the rc.firewall
Code:
IPTABLES=/sbin/iptables

#flush existing rules
$IPTABLES -F INPUT

#This allows all data that has been sent out for the computer running the
#firewall to come back (for all of ICMP/TCP/UDP). For example, if a ping
#request is made it will allow the reply back
$IPTABLES -A INPUT -j ACCEPT -m state --state ESTABLISHED -i eth0 -p icmp
$IPTABLES -A INPUT -j ACCEPT -m state --state ESTABLISHED -i eth0 -p tcp
$IPTABLES -A INPUT -j ACCEPT -m state --state ESTABLISHED -i eth0 -p udp

#Accept everything from eth1 
$IPTABLES -A INPUT -i eth1 -j ACCEPT
#Forward packets from eth1 through eth0
$IPTABLES -A FORWARD -i eth1 -o eth0 - j ACCEPT
$IPTABLES -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT

#Allow incoming FTP requests
$IPTABLES -A INPUT -p tcp --dport 20 -j ACCEPT
$IPTABLES -A INPUT -p tcp --dport 21 -j ACCEPT

#Allow incoming SSH requests
$IPTABLES -A INPUT -p tcp --dport 22 -j ACCEPT

#Allow incoming HTTP requests (to Web server)
#$IPTABLES -A INPUT -p tcp --dport 80 -j ACCEPT

#Drop and log all other data
#The logging is set so if more than 5 packets are dropped in 
#three seconds they will be ignored. This helps to prevent a DOS attack
#Crashing the computer the firewall is running on 
$IPTABLES -A INPUT -m limit --limit 3/second --limit-burst 5 -i ! lo -j LOG
$IPTABLES -A INPUT -i ! lo -j DROP
After I entered the new info you helped me with I tried to reload rc.firewall and got this error:
[root@x1-6-00-0c-41-25-f3-48 rc.d]# ./rc.firewall
Bad argument `-'
Try `iptables -h' or 'iptables --help' for more information.
I dont know where that is coming from.

Finally,
[root@x1-6-00-0c-41-25-f3-48 rc.d]# echo "1" > /proc/sys/net/ipv4/ip_forward
[root@x1-6-00-0c-41-25-f3-48 rc.d]# /usr/sbin/iptables-save > test
bash: /usr/sbin/iptables-save: No such file or directory
[root@x1-6-00-0c-41-25-f3-48 rc.d]#
Im guessing something is not turned on that needs to?

I really appreciate all this help!
 
Old 03-15-2004, 09:40 AM   #6
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 57
IPTABLES=/sbin/iptables



#flush existing rules
$IPTABLES -F INPUT
$IPTABLES -F OUTPUT
$IPTABLES -F FORWARD

#Set Default Policies
$IPTABLES -P INPUT DROP
$IPTABLES -P FORWARD DROP

$IPTABLES -A POSTROUTING -o eth0 -j MASQUERADE

#This allows all data that has been sent out for the computer running the
#firewall to come back (for all of ICMP/TCP/UDP). For example, if a ping
#request is made it will allow the reply back
$IPTABLES -A INPUT -j ACCEPT -m state --state ESTABLISHED,RELATED -i eth0 -p icmp
$IPTABLES -A INPUT -j ACCEPT -m state --state ESTABLISHED,RELATED -i eth0 -p tcp
$IPTABLES -A INPUT -j ACCEPT -m state --state ESTABLISHED,RELATED -i eth0 -p udp

#Accept everything from eth1
$IPTABLES -A INPUT -i eth1 -j ACCEPT
#Forward packets from eth1 through eth0
$IPTABLES -A FORWARD -i eth1 -o eth0 -j ACCEPT <~SYNTAX CHANGED;REMOVED EXTRA SPACE
$IPTABLES -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT

#Allow incoming FTP requests
$IPTABLES -A INPUT -p tcp --dport 20 -j ACCEPT
$IPTABLES -A INPUT -p tcp --dport 21 -j ACCEPT

#Allow incoming SSH requests
$IPTABLES -A INPUT -p tcp --dport 22 -j ACCEPT

#Allow incoming HTTP requests (to Web server)
#$IPTABLES -A INPUT -p tcp --dport 80 -j ACCEPT

#Drop and log all other data
#The logging is set so if more than 5 packets are dropped in
#three seconds they will be ignored. This helps to prevent a DOS attack
#Crashing the computer the firewall is running on
$IPTABLES -A INPUT -m limit --limit 3/second --limit-burst 5 -i ! lo -j LOG
$IPTABLES -A INPUT -i ! lo -j DROP
 
Old 03-15-2004, 11:49 AM   #7
ryedunn
Member
 
Registered: Jul 2003
Location: Chicago
Distribution: Fedora, ubuntu
Posts: 458

Original Poster
Rep: Reputation: 30
ok I think we got it..

Im getting the error, "iptables: No chain/target/match by that name" so I looked up one of your old posts #52034 and Im guessing that I dont have the module ipt_MASQUERADE installed. Once I get home tonight Im going to give that a try.

Thanks again Capt!
 
Old 03-15-2004, 01:40 PM   #8
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 57
Sorry for the stream of brainfarts. Should be:

$IPTABLES -t nat -A POSTROUTING -o eth0 -j MASQUERADE

You can check to see if the module is loaded with the lsmod command. Should either already be loaded or will auto-load after you enter the iptables rule.

--EDIT--

Also make sure to take out the comment "<~SYNTAX CHANGED; REMOVED EXTRA SPACE" if you are directly pasting to your script.

Last edited by Capt_Caveman; 03-15-2004 at 01:45 PM.
 
Old 03-15-2004, 03:07 PM   #9
ryedunn
Member
 
Registered: Jul 2003
Location: Chicago
Distribution: Fedora, ubuntu
Posts: 458

Original Poster
Rep: Reputation: 30
nice work

yes it appears that the MASQUERADE line was the problem. It also looks like rc.firewall is loading properly now and yes the ipt_MASQUERADE module was loaded.

I still dont know if it works (at work now). But I have faith you nailed it.

YDM!!!
 
Old 03-15-2004, 04:55 PM   #10
g452
Member
 
Registered: May 2003
Location: tswane
Distribution: Slackware 9.1
Posts: 113

Rep: Reputation: 15
Question ip masq + iptables

sorry to jump in like this but i am in need of some help

i use slackware 9.0 and is trying to set it up to be a NAT pc cause that all the pc is usefull for - and to connect my pc's in the LAN to the internet

i have done and loaded all i could and i still can't get it to work right - can anyone be of some assistance please

thanx
 
Old 03-15-2004, 06:35 PM   #11
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 57
g452, could you be a little more specific about the problems (what error messages), how your basic network is setup, as well as provide your firewall rules or script.

You should also just start a new thread as it may or may not be a related issue. Eitherway, I'll give you a hand if someone hasn't helped you already.
 
Old 03-16-2004, 01:26 PM   #12
g452
Member
 
Registered: May 2003
Location: tswane
Distribution: Slackware 9.1
Posts: 113

Rep: Reputation: 15
Question iptables

i am trying to do the exact same thing

my pc's can ping each other but i can't get the pc's on the lan to connect to the internet

i want my slackware pc to be the router

i have read everything and done things like everyone sais but i can't get the things to work - all i want is NAT or Masq like it is called in linux - a firewall isn't that big an issue but if it can be setup with the nat it will be cool

i did download a program called firestarter - didn't work

i installed a thing called smoothwall i got connected but at a snales pace - the higest download speed i could get is 800b/ps instead of my normal 5.0Kb/s or faster

then i tried playing and getting iptables to work by hand - no luck - i also think that i haven't setup my 56k modem right cause when i ping a site from my server pc it takes ages to resolv and to get ping reply

i tried irqtune but can't seem to get it to install on my slackware pc's - have to figure that out

then i tried making the kernel where i found a whole section called networking with everything in it about NAT Masq iptables being a server pc and all then i comoiled and tried to run the new kernel and i get some errors - at least pc starts up -

and I WOULD REALLY LOVE TO GET RID OF WINDOWZ FROM MY PC's !! I DON'T WANT TO USE WINDOWZ

i did start a new tread but nothing is happening to it - it is called "Linux + NAT"

i have in place a firewall called rc.firewall which i will paste in a seperate reply . . .

my setup looks like this:
gigabyte mb
Pi 200Mhz MMX
64MB RAM
2GB drive (and i install the whole of slackware and a swap partition plus a seperate kernel source !! )
s3 trio64V+ screen card
3com ethernet 10Mbits network card - eth0 - ip addy 192.168.1.1
duxbury 56k modem on ttyS0/com 1 - ppp0 - dynamic ip addy
Slackware 9.0 kernel 2.4.20

if i can get this going i will be able to solve most of my problems

thanx for the help so far

 
Old 03-16-2004, 01:29 PM   #13
g452
Member
 
Registered: May 2003
Location: tswane
Distribution: Slackware 9.1
Posts: 113

Rep: Reputation: 15
rc.firewall

#!/bin/sh
#
# rc.firewall-2.4
FWVER=0.75
#
# Initial SIMPLE IP Masquerade test for 2.4.x kernels
# using IPTABLES.
#
# Once IP Masquerading has been tested, with this simple
# ruleset, it is highly recommended to use a stronger
# IPTABLES ruleset either given later in this HOWTO or
# from another reputable resource.
#
#
#
# Log:
# 0.75 - Added more kernel modules to the comments section
# 0.74 - the ruleset now uses modprobe vs. insmod
# 0.73 - REJECT is not a legal policy yet; back to DROP
# 0.72 - Changed the default block behavior to REJECT not DROP
# 0.71 - Added clarification that PPPoE users need to use
# "ppp0" instead of "eth0" for their external interface
# 0.70 - Added commented option for IRC nat module
# - Added additional use of environment variables
# - Added additional formatting
# 0.63 - Added support for the IRC IPTABLES module
# 0.62 - Fixed a typo on the MASQ enable line that used eth0
# instead of $EXTIF
# 0.61 - Changed the firewall to use variables for the internal
# and external interfaces.
# 0.60 - 0.50 had a mistake where the ruleset had a rule to DROP
# all forwarded packets but it didn't have a rule to ACCEPT
# any packets to be forwarded either
# - Load the ip_nat_ftp and ip_conntrack_ftp modules by default
# 0.50 - Initial draft
#

echo -e "\n\nLoading simple rc.firewall version $FWVER..\n"


# The location of the iptables and kernel module programs
#
# If your Linux distribution came with a copy of iptables,
# most likely all the programs will be located in /sbin. If
# you manually compiled iptables, the default location will
# be in /usr/local/sbin
#
# ** Please use the "whereis iptables" command to figure out
# ** where your copy is and change the path below to reflect
# ** your setup
#
IPTABLES=/usr/sbin/iptables
#IPTABLES=/usr/local/sbin/iptables
DEPMOD=/sbin/depmod
MODPROBE=/sbin/modprobe


#Setting the EXTERNAL and INTERNAL interfaces for the network
#
# Each IP Masquerade network needs to have at least one
# external and one internal network. The external network
# is where the natting will occur and the internal network
# should preferably be addressed with a RFC1918 private address
# scheme.
#
# For this example, "eth0" is external and "eth1" is internal"
#
#
# NOTE: If this doesnt EXACTLY fit your configuration, you must
# change the EXTIF or INTIF variables above. For example:
#
# If you are a PPPoE or analog modem user:
#
# EXTIF="ppp0"
#
#
EXTIF="ppp0"
INTIF="eth0"
echo " External Interface: $EXTIF"
echo " Internal Interface: $INTIF"


#======================================================================
#== No editing beyond this line is required for initial MASQ testing ==


echo -en " loading modules: "

# Need to verify that all modules have all required dependencies
#
echo " - Verifying that all kernel modules are ok"
$DEPMOD -a

# With the new IPTABLES code, the core MASQ functionality is now either
# modular or compiled into the kernel. This HOWTO shows ALL IPTABLES
# options as MODULES. If your kernel is compiled correctly, there is
# NO need to load the kernel modules manually.
#
# NOTE: The following items are listed ONLY for informational reasons.
# There is no reason to manual load these modules unless your
# kernel is either mis-configured or you intentionally disabled
# the kernel module autoloader.
#

# Upon the commands of starting up IP Masq on the server, the
# following kernel modules will be automatically loaded:
#
# NOTE: Only load the IP MASQ modules you need. All current IP MASQ
# modules are shown below but are commented out from loading.
# ===============================================================

echo "----------------------------------------------------------------------"

#Load the main body of the IPTABLES module - "iptable"
# - Loaded automatically when the "iptables" command is invoked
#
# - Loaded manually to clean up kernel auto-loading timing issues
#
echo -en "ip_tables, "
$MODPROBE ip_tables


#Load the IPTABLES filtering module - "iptable_filter"
# - Loaded automatically when filter policies are activated


#Load the stateful connection tracking framework - "ip_conntrack"
#
# The conntrack module in itself does nothing without other specific
# conntrack modules being loaded afterwards such as the "ip_conntrack_ftp"
# module
#
# - This module is loaded automatically when MASQ functionality is
# enabled
#
# - Loaded manually to clean up kernel auto-loading timing issues
#
echo -en "ip_conntrack, "
$MODPROBE ip_conntrack


#Load the FTP tracking mechanism for full FTP tracking
#
# Enabled by default -- insert a "#" on the next line to deactivate
#
echo -en "ip_conntrack_ftp, "
$MODPROBE ip_conntrack_ftp


#Load the IRC tracking mechanism for full IRC tracking
#
# Enabled by default -- insert a "#" on the next line to deactivate
#
echo -en "ip_conntrack_irc, "
$MODPROBE ip_conntrack_irc


#Load the general IPTABLES NAT code - "iptable_nat"
# - Loaded automatically when MASQ functionality is turned on
#
# - Loaded manually to clean up kernel auto-loading timing issues
#
echo -en "iptable_nat, "
$MODPROBE iptable_nat


#Loads the FTP NAT functionality into the core IPTABLES code
# Required to support non-PASV FTP.
#
# Enabled by default -- insert a "#" on the next line to deactivate
#
echo -en "ip_nat_ftp, "
$MODPROBE ip_nat_ftp


#Loads the IRC NAT functionality into the core IPTABLES code
# Required to support NAT of IRC DCC requests
#
# Disabled by default -- remove the "#" on the next line to activate
#
#echo -e "ip_nat_irc"
#$MODPROBE ip_nat_irc

echo "----------------------------------------------------------------------"

# Just to be complete, here is a partial list of some of the other
# IPTABLES kernel modules and their function. Please note that most
# of these modules (the ipt ones) are automatically loaded by the
# master kernel module for proper operation and don't need to be
# manually loaded.
# --------------------------------------------------------------------
#
# ip_nat_snmp_basic - this module allows for proper NATing of some
# SNMP traffic
#
# iptable_mangle - this target allows for packets to be
# manipulated for things like the TCPMSS
# option, etc.
#
# --
#
# ipt_mark - this target marks a given packet for future action.
# This automatically loads the ipt_MARK module
#
# ipt_tcpmss - this target allows to manipulate the TCP MSS
# option for braindead remote firewalls.
# This automatically loads the ipt_TCPMSS module
#
# ipt_limit - this target allows for packets to be limited to
# to many hits per sec/min/hr
#
# ipt_multiport - this match allows for targets within a range
# of port numbers vs. listing each port individually
#
# ipt_state - this match allows to catch packets with various
# IP and TCP flags set/unset
#
# ipt_unclean - this match allows to catch packets that have invalid
# IP/TCP flags set
#
# iptable_filter - this module allows for packets to be DROPped,
# REJECTed, or LOGged. This module automatically
# loads the following modules:
#
# ipt_LOG - this target allows for packets to be
# logged
#
# ipt_REJECT - this target DROPs the packet and returns
# a configurable ICMP packet back to the
# sender.
#

echo -e " Done loading modules.\n"



#CRITICAL: Enable IP forwarding since it is disabled by default since
#
# Redhat Users: you may try changing the options in
# /etc/sysconfig/network from:
#
# FORWARD_IPV4=false
# to
# FORWARD_IPV4=true
#
echo " Enabling forwarding.."
echo "1" > /proc/sys/net/ipv4/ip_forward


# Dynamic IP users:
#
# If you get your IP address dynamically from SLIP, PPP, or DHCP,
# enable this following option. This enables dynamic-address hacking
# which makes the life with Diald and similar programs much easier.
#
echo " Enabling DynamicAddr.."
echo "1" > /proc/sys/net/ipv4/ip_dynaddr


# Enable simple IP forwarding and Masquerading
#
# NOTE: In IPTABLES speak, IP Masquerading is a form of SourceNAT or SNAT.
#
# NOTE #2: The following is an example for an internal LAN address in the
# 192.168.1.x network with a 255.255.255.0 or a "24" bit subnet mask
# connecting to the Internet on external interface "ppp0". This
# example will MASQ internal traffic out to the Internet but not
# allow non-initiated traffic into your internal network.
#
#
# ** Please change the above network numbers, subnet mask, and your
# *** Internet connection interface name to match your setup
#


#Clearing any previous configuration
#
# Unless specified, the defaults for INPUT and OUTPUT is ACCEPT
# The default for FORWARD is DROP (REJECT is not a valid policy)
#
echo " Clearing any existing rules and setting default policy.."
$IPTABLES -P INPUT ACCEPT
$IPTABLES -F INPUT
$IPTABLES -P OUTPUT ACCEPT
$IPTABLES -F OUTPUT
$IPTABLES -P FORWARD DROP
$IPTABLES -F FORWARD
$IPTABLES -t nat -F

echo " FWD: Allow all connections OUT and only existing and related ones IN"
$IPTABLES -A FORWARD -i $EXTIF -o $INTIF -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT
$IPTABLES -A FORWARD -j LOG

echo " Enabling SNAT (MASQUERADE) functionality on $EXTIF"
$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE



echo -e "\nDone.\n"

Last edited by g452; 03-16-2004 at 01:31 PM.
 
Old 03-16-2004, 05:25 PM   #14
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 57
Couple of things, the firewall script looks ok. Try executing (running) the script manually as root, post any errors you get. If it runs ok, run the following commands:

iptables -L > test
lsmod > loaded_modules

and post the contents of the files named 'test' and 'loaded_modules. Obviously see if you can get out to the internet from the LAN machine at this point.

Second thing I'm concerned about is that you may have mangled the configuration during the compile. In general, you should make sure you know what you are doing when you tweak things in linux. It's good to try things out, just do some reading about what they do beforehand. Randomly changing settings, compiling things, and installing the latest foo-matic 2004 firewall usually doesn't do much to fix things.

Third thing. Check the routing table settings on both systems. The LAN machine should have 192.168.1.1 as its gateway and the router should have a routing table entry set up so that packets for the 192.168.1. subnet should be routed through eth0. To check the settings just type "route" without the quotes and post the output.
 
Old 03-16-2004, 06:17 PM   #15
g452
Member
 
Registered: May 2003
Location: tswane
Distribution: Slackware 9.1
Posts: 113

Rep: Reputation: 15
the firewall starts just right

i did run those commands but nothing get's printed on the screen

" root@fw:~# iptables -L > test
root@fw:~# lsmod > loaded_modules
root@fw:~#
"
i can't test the connection from that pc cause my modem is not connected to it -

secondly - not to fight or sound funny - but i honsetly don't go around pressing stuff at random- - but if i mangled the whole setup might be possible - i am really still learning alot and with all the howto's out there is is really taking time -

thirdly - the routing info on the client pc's shows twards the server pc - concerning the route entry there is only two things : loopback and localnet :

Destination Gateway Genmask Flags Metric Ref Use Iface
localnet * 255.255.255.0 U 0 0 0 eth0
loopback * 255.0.0.0 U 0 0 0 lo

?? maybe i should reinstall ??

i did compile the kernel again taking my time to go through all the options very carefully and it compiled without error - the question on my mind is if the kernel was installed right - cause i did reboot and the pc booted like it supposed to so i don't know ho to check if the new one is running

please can i make use of the time to say thanx for the help so far - i am sure u have far better things to do that to help me out and i am gratefull for it



i also came to another conclusion - i think i messed up my iptables too !!

here follows the route i took to install my kernel:
*make mrproper (I dont do this most of the time since it will remove your .config)
*make menuconfig (ncurses based kernel configuration menu system)
*make dep (fixor up them dependencies)
*make clean (get rid of old o files and stuff)
*make (build it)
*make install (read the note below for this one)
*make modules (build the modules)
*make modules_install (install the modules)

Last edited by g452; 03-16-2004 at 06:22 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Allowing TCP/IP connection while sharing the internet bhargav_kairos Linux - Networking 0 04-12-2004 02:47 AM
Internet Sharing with iptables? can it be done? sitmex Linux - Networking 3 03-09-2004 04:25 PM
Sharing internet connection with iptables chatmanpk Linux - Networking 2 09-27-2003 05:30 PM
iptables fwding for internet sharing help seth Linux - Networking 3 08-20-2003 11:29 AM
Internet connection sharing with iptables specialmunky Linux - Newbie 10 10-29-2002 01:10 PM


All times are GMT -5. The time now is 10:06 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration