LinuxQuestions.org
Old 04-22-2003, 01:41 PM   #1
ash0573
LQ Newbie
 
Registered: Apr 2003
Posts: 12

Rep: Reputation: Disabled
Super Genius Needed: SuSEfirewall2 HELP with ssh and internal network and router


Alas another newbie in the pool, watch me splash!!!

I have been attempting to use SuSE for some time and I seem to have gotten into a rut with playing with it until my attention span diminishes and I find something else to play with....

BUT times are changing !!!

I have dreams and hopes of setting up my SuSE 8.1 box as a router, firewall, squid proxy, and a game server for the house with Counter-Strike and Return to Castle Wolfenstein....

Okay so setting up the game servers is easy, no brainer. It is the rest of it that kind of taxes my attention span and organizational skills

Here is the setup...

current
1.) cable modem --> linksys befsx41 --> SuSE 8.1 box and windows clients, all 2000 and XP (all connected to router ports 1,2,3).

possible set up?
2.)cable modem --> linksys router --> SuSE 8.1 --> hub/router --> windows machines.

The rest of the house is on their hub. I do a lot of my own stuff for work and need the VPN endpoint, and I do not want anyone else on my segment nor poking at my machine, I am picky that way.

Is this possible to do?

Now the hopes for the SuSE box.

It has 3 nics, eth0, eth1, eth2
eth0 --> router (outbound)
eth1 --> down un-used right now
eth2 --> crossover to Windows NIC (but Windows cannot ping eth2 or vice versa). (HELP) :cry

So this is where I am stuck. Before I set up the firewall and the Squid proxy I just want to be able to ping between the SuSE 8.1 and windows XP machines via a cross over cable. But if I disable the firewall I can not ping/connect to the internet nor internally. If I enable the SuSEfirewall2 I can establish an internet connection but still no internal connection. So I have it setup right now with eth1 internet, eth2 internal, services ssh and 10000.

I want to set up the Squid proxy then the firewall but I can not due to my ISSUES.

Easy, huh? Yep.

I did install Webmin for now, neat-o tool.

Thanks all, Ash
 
Old 04-22-2003, 01:59 PM   #2
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 79
Try posting the output (while connected and while not connected) from Linux of:
route
ifconfig

and the iptables rules:
iptables -L

Then on XP:
route print
ipconfig /all

This should give us an idea of how your network is set up
 
Old 04-22-2003, 05:38 PM   #3
ash0573
LQ Newbie
 
Registered: Apr 2003
Posts: 12

Original Poster
Rep: Reputation: Disabled
This should give us an idea

Okay...

In summary:

[Router]
Wan = x:x:x:x
mask 255.255.255.0

Lan = 10.10.181.10
mask 255.255.255.0
no dhcp

[Linux]
eth0 = 10.10.181.12 Internet
eth1= 10.10.181.13 DOWN ( disabled)
eth2 = 10.10.181.14 crossover to WinXP
mask 255.255.255.0

[WinXP]
ethXP1 = 10.10.181.15
mask 255.255.255.0

This one I want to be on hub/ cross over cable to linux box
from ethXP1 to eth2 so I can keep my router between the Linux box and the cable modem. I sometimes plug in other machines to the network for a short time. They do not need access to the linux box. so that is about it...

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.10.181.0     *               255.255.255.0   U     0      0        0 eth0
10.10.181.0     *               255.255.255.0   U     0      0        0 eth2
default         10.10.181.10    0.0.0.0         UG    0      0        0 eth0

eth0      Link encap:Ethernet  HWaddr xx:xx:xx:xx
          inet addr:10.10.181.12  Bcast:10.10.181.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:72754 errors:0 dropped:0 overruns:0 frame:0
          TX packets:60335 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:62195102 (59.3 Mb)  TX bytes:4024016 (3.8 Mb)
          Interrupt:5 Base address:0xb000

eth2      Link encap:Ethernet  HWaddr xx:xx:xx:xx
          inet addr:10.10.181.14  Bcast:10.10.181.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:4 dropped:0 overruns:0 carrier:8
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
          Interrupt:3 Base address:0x9000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:201 errors:0 dropped:0 overruns:0 frame:0
          TX packets:201 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:18592 (18.1 Kb)  TX bytes:18592 (18.1 Kb)

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination


Windows IP Configuration

Host Name . . . . . . . . . . . . : ARGUS1
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Linksys LNE100TX Fast Ethernet Adapter(LNE100TX v4) :

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Linksys LNE100TX Fast Ethernet Adapter(LNE100TX v4) #2
Physical Address. . . . . . . . . : xx:xx:xx:xx
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.10.181.15
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.10.181.10
DNS Servers . . . . . . . . . . . : 216.148.227.68
                                    204.127.202.4
NetBIOS over Tcpip. . . . . . . . : Disabled

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 20 78 18 30 c2 ...... Linksys LNE100TX Fast Ethernet Adapter(LNE100TX v4) #2 - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0     10.10.181.10    10.10.181.15      20
      10.10.181.0    255.255.255.0     10.10.181.15    10.10.181.15      20
     10.10.181.15  255.255.255.255        127.0.0.1       127.0.0.1      20
   10.255.255.255  255.255.255.255     10.10.181.15    10.10.181.15      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
        224.0.0.0        240.0.0.0     10.10.181.15    10.10.181.15      20
  255.255.255.255  255.255.255.255     10.10.181.15    10.10.181.15       1
Default Gateway: 10.10.181.10
===========================================================================
Persistent Routes:
None
 
Old 04-23-2003, 04:08 AM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600
//mod.note: I'll move this one over to networking.
 
Old 04-23-2003, 12:50 PM   #5
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 79
My first inclination is to change the network addresses that you use on one side of the linux box. It is a lot easier for routing purposes if you use different address ranges like:

192.168.1.* = WAN
172.31.10.* = DMZ (If you create one in the future with eth1)
10.10.181.* = LAN

This should then give you a routing table and address scheme something like:
Code:
Destination     Gateway         Genmask         Flags Metric Ref   Use Iface
10.10.181.0     *               255.255.255.0   U     0      0       0 eth2
127.0.0.0       *               255.0.0.0       U     0      0       0 lo
default         192.168.1.1     0.0.0.0         UG    0      0       0 eth0


[Router]
Wan = x:x:x:x
mask 255.255.255.0

Lan = 192.168.1.1
mask 255.255.255.0
no dhcp

[Linux]
eth0 = 192.168.1.254 Internet
eth1 = 172.31.100.1 DOWN ( disabled)
eth2 = 10.10.181.254 crossover to WinXP
mask 255.255.255.0

[WinXP]
ethXP1 = 10.10.181.15
mask 255.255.255.0
Gateway = 10.10.181.254
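
The addressing point in the reply above, as an added example that is not part of the original post: a Python check, using only the standard `ipaddress` module, that flags interfaces sharing a subnet. The two layouts are constructed from the addresses posted in this thread, and the function names are hypothetical.

```python
import ipaddress
from itertools import combinations

# Constructed from the addresses posted in this thread (mask 255.255.255.0 = /24).
ORIGINAL = {"eth0": "10.10.181.12/24", "eth2": "10.10.181.14/24"}
PROPOSED = {
    "eth0": "192.168.1.254/24",   # WAN side, towards the router
    "eth1": "172.31.100.1/24",    # reserved for a future DMZ
    "eth2": "10.10.181.254/24",   # LAN side, crossover to WinXP
}
WINXP = "10.10.181.15"


def overlapping_subnets(ifaces):
    """Return (iface_a, iface_b, network_of_a) for every pair of interfaces
    whose directly connected subnets overlap."""
    nets = {n: ipaddress.ip_interface(c).network for n, c in sorted(ifaces.items())}
    return [
        (a, b, str(nets[a]))
        for a, b in combinations(nets, 2)
        if nets[a].overlaps(nets[b])
    ]


def connected_candidates(ifaces, dest):
    """Return the interfaces whose connected route is the longest-prefix
    match for dest. More than one name means the addressing alone does
    not say which wire the packet should leave on."""
    addr = ipaddress.ip_address(dest)
    matches = [
        (ipaddress.ip_interface(c).network.prefixlen, n)
        for n, c in ifaces.items()
        if addr in ipaddress.ip_interface(c).network
    ]
    if not matches:
        return []  # no connected route: the default gateway would be used
    best = max(p for p, _ in matches)
    return sorted(n for p, n in matches if p == best)


if __name__ == "__main__":
    for label, layout in (("original", ORIGINAL), ("proposed", PROPOSED)):
        print(label, overlapping_subnets(layout), connected_candidates(layout, WINXP))
```

In the original layout the WinXP address matches the connected routes of both eth0 and eth2; in the proposed layout it matches eth2 only.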
 
Old 04-23-2003, 05:41 PM   #6
ash0573
LQ Newbie
 
Registered: Apr 2003
Posts: 12

Original Poster
Rep: Reputation: Disabled
Thanks for all the help :)

Thanks for the input, tonight I will reconfigure the IPs and see if it works. I may have a bad NIC too, so I will swap it out. I am sure that I will be posting for more help again, THANKS very much, sometimes it is the simple things that work best.

Ash
 
Old 04-24-2003, 10:22 AM   #7
ash0573
LQ Newbie
 
Registered: Apr 2003
Posts: 12

Original Poster
Rep: Reputation: Disabled
Thanks all for the HELP and guidance...

I replaced the NIC and voila, it works. I even went as far as to use different nets for my NICs... much simpler to work with

Now I have to get SuSEfirewall2 going... BUT ( lol ) I removed it via yast from a console window remotely and then tried to "re-install" it to replace the mess I made of it, but now I no longer have an ICON in YAST2. Any suggestions as to what forum I can post in to resolve yet another newbie happenstance?

Thanks again everyone for all the help!!!

Ash
 
Old 04-24-2003, 01:13 PM   #8
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 79
Well done - I find it much easier using different IP ranges - it is easier to keep it more secure in terms of firewalling as you can allow or deny complete IP ranges.

Good luck with the YAST problem!
 
Old 05-01-2003, 05:20 PM   #9
ash0573
LQ Newbie
 
Registered: Apr 2003
Posts: 12

Original Poster
Rep: Reputation: Disabled
Thanks david_ross,

Sorry to get back to you after so long, I have been very busy. I have since re-installed SuSE and have set it back up the way it was before, but with fewer mistakes.

I will post my rules here soon, I am reading the unofficial SuSE fw FAQ.

Thanks again, Ash
 
  

