Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
I've tried it but I'm not sure I've all did correctly.
I have simply changed my iptables text file (/etc/sysconfig/iptables) to yours. I have put the ip address of one of my network machine to this file and finally I have restarted the iptables (service iptables restart), but I have got error message like this:
Flushing all current rules and user defined chains: [OK]
Clearing all current rules and user defined chains: [OK]
Applying iptables firewall rules: Bad argument 'PT="/usr/sbin/iptables'
I have no file which name is iptables in the /usr/sbin/
to execute the script just go to a console or a terminal window, cd to the directory the script is in, become root and do a:
the script in this example is named "whatever-script.sh" but it can be called whatever you saved it as...
the "./" executes the script... you could also execute it like so:
you need to be root to run a firewall script...
also, it would help me help you if you would give me a bigger picture about your setup... you have a windows network with a linux gateway, right?? what configuration have you given the machines on the lan?? does the other stuff work (ping, web browsing, email, etc...) fine on the lan?? what kinda connection is it (cable modem, dsl, etc.)?? is squid working fine for web browsing?? are you using squid in transparent mode, or do you specify the proxy address on the client machines?? any other info you can post would be helpful...
i'm quite concerned about the double-clicking thing, though... cuz either you:
A - are doing it as a normal user, in which case it would have NO EFFECT or...
B - you are doing it as root, in which case you are possibly logged-into X as root which is a VERY BAD idea...
I have run the script with the command sh scriptname.sh, but after that my server became invisible for the rest of the network computer. I had to restart server. Now everything works like before, but the voice chat is still doesn't work.
This is my system:
As you said, I have a windows (win98 and winxp) network with a linux gateway. In the lan the windows machines have a simple windows installation, workgroup network, static internal ip, UTP cable for the internat network. I have wireless internet, public ip address . Ping work only in internal networ (I can't ping any host in the internet), because there is a router between me and my provider and the ping function is disabled. There is a mail server, a web server, an ftp server, proxy (squid). Everything works fine. There is no firewall. I specify the proxy address on the client machines (the proxy doesn't work in transparent mode).
I have tryed to connect internet directly on one of the windows machines (Draw the internet cable out of the linux eth0 and put it in the windows machine), in that case the voice chat has worked fine.
make sure that the machines on the lan have the ip address of your linux box's eth1 set as their gateway (for the NAT)... also make sure the DNS server addresses on the lan machine are correct...
you should probably focus on getting the NAT working properly and then setting-up squid should be a snap...
i can't figure-out why the firewall script above isn't working, maybe there's a bug in it, i'll look at it again... meanwhile, take a look at your logfile when you attempt to access the internet from the lan while the script is active... the script is set to log all dropped input and forward packets so you'll be able to see if something is getting dropped that shouldn't...
after running the script, attempt to connect from a machine on the lan to a web server on the linux box by putting the ip address of the internal interface (eth1) in the browser... remember to remove the proxy server from the browser's configuration as you wanna go direct... then you should see the port 80/tcp packets getting dropped in the linux box's log file right-away... if you see those, then you know the input chain is okay...
to monitor the syslog in "real-time" use something like: