hello wonderful, wonderful people!!

i've ran into a bit of a problem on Mandrake9.0 (yet again).

my iptales sems to be odd, i'mnot sure what its doing, cause iptables is something i've never even heard of untill last week.

when i run iptables -L, i get a LOAD of thigs coming up, and i don't understand anything that happens (i can post if you want). however, if i go into MCC->System->Services and click the stop button next to the iptables service entry, My samba shares become available to me, but i ose my shared network connection.


can someone please gve me a list of commands to type for ip tables taht would remve all blockages set by it on eth0, keep anything thats on it(or make it a better firewall) for /dev/modem, and still allow me t share the internet connection from my little server??

PLease?

Ta!

Hi, first, check my sig for a sample iptables script.

Second, iptables is not only a firewall but it also acts as a router, which is why you lose connectivity to your internal machines when iptables is stopped.

The best thing for you to do is find out where the rules for your system are located, and then edit them to open or close ports as you see fit.

Remember, drop everything, then let only what you want open to be open.....

samba uses port 138/139, so set up a rule to allow internal connections on that port..... if you allow external, then anyone on the net will be able to access files in your samba share!!!....

Post back any questions once you've looked into this....

HTH, good luck

if you do 'iptables -nvL' & 'iptables -t nat -nvL' you will get a list of the rules that are working.

If you shut down the iptables service entry, you will also be shutting down the ip_forward function, which allows packets to pass between interfaces...

echo 1 > /proc/sys/net/ipv4/ip_forward
will restore the networking but leave you without any firewalling...

This will give you a chance to investigate your rulesets and open services you want to use.

Read the firewall-HOWTO:

http://bitblit.net/~xbox/thinknerd/a...Firewall-HOWTO

almost everything that all you wonderful guys have saud makes little sense to me. If i use mychls script, and edit it slightly, will that work?

Idea: Use a nice Graphical User Interface (GUI) frontend for iptables, like Guarddog, then you only have to click a few check boxes to enable what you want.

thats better. i like idiot-proof solutions. although i LOVE to play about with CLI's, i prefer to do t once i've got the blasted thing working frst, so i can see whats gong on at the ground level.

one other thig, which MAY be related...
since i've installed internet conection sharing on my linuxbox, i can no longer access the internet directly from my linux box, i can only do this from ly laptop once its plugged into the box through the LAN. any ideas? or should i putthis in another post?

Hmm, try Guarddog first and see if that fixes any/all of your connection problems
I had problems with the default Mandrake firewall, Shorewall, but once I got my modem drivers installed and guarddog set up, all is well.

This may be (probably is!) a stupid question, but does guarddog support masquerading for routing, or is it just a local firewall?

Jim

Masquerading is a firewall function too.

Guarddog does this.

Also you can look at Firestarter. It has some very good instructions/help screens too.