XP Box won't connect to internet thru RH9 Box (firewall/dhcpd), it can only ping fire
Hello,
I have a dual NIC Linux box (RH9) that I set up (or tried to) to be a firewall/dhcpd server.
Everything seems to start up properly (no error messages)
eth0 = card connected to lan (ip 192.168.0.0) sub 255.255.255.0
eth1 = card connected to internet..
So I only have the XP box connected to the LAN. I'm trying to get it connected to the net through my firewall, but it doesn't connect.. only connects to the firewall it seems..
Do I absolutely have to set up iptables/NAT? Or is that just a popular way of doing things?
-It looks incredibly complicated...
Well, if you can ping your firewall you're halfway there
1.) yes you have to use nat and iptables, how else can you call it a "firewall"?
2.) NAT stands for Network address translation it routes ip and stuff all over the place
your script for simple stuff is real easy
just copy and paste the stuff below into a file and give it a
chmod +x (filename)
then execute it
I tweaked otis's script to give you a little bit of security. I also dropped the modprobe lines in the hope they won't be necessary (I've never needed them, anyway.) Also, iptables's path may differ on your machine so I changed that bit too. And I dropped the IPADDR variable since I didn't see it referenced anywhere else in the script.
This script will allow your internal machine to connect to the outside world, but nothing can connect to it (unless in response to your request of course, hence, ESTABLISHED,RELATED.)
I don't mean to be rude, Otis, I'm just bored right now so I figured I would gild your rose.
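#!/bin/sh
# simple firewall made by otis cause this dude needed one
EXTIF=eth1   # internet-facing interface
INTIF=eth0   # LAN-facing interface
IPTABLES=`which iptables`
# Turn on packet forwarding and dynamic-address handling
echo "1" > /proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/ipv4/ip_dynaddr
# Flush rules, delete user chains, default-deny inbound and forwarded traffic
$IPTABLES -F
$IPTABLES -X
$IPTABLES -P INPUT DROP
$IPTABLES -P OUTPUT ACCEPT
$IPTABLES -P FORWARD DROP
# NAT: masquerade everything leaving through the external interface
$IPTABLES -t nat -F
$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE
# Accept only replies from the outside, to the firewall itself and to the LAN
$IPTABLES -A INPUT -i $EXTIF -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -i $EXTIF -o $INTIF -m state --state ESTABLISHED,RELATED -j ACCEPT
# Let the LAN open new connections to the outside
$IPTABLES -A FORWARD -o $EXTIF -i $INTIF -j ACCEPT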
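
A way to confirm, after running a script like the one above, that the rules it is meant to leave behind actually loaded: this added example (not part of the original posts) audits `iptables-save` output for the masquerade rule, the LAN-to-outside rule, the ESTABLISHED,RELATED return rule, and any rule that would let outside hosts open connections to the LAN. The function names and the two dumps are constructed for illustration; `eth1`/`eth0` are the interfaces named in the thread.

```shell
#!/bin/sh
# Constructed iptables-save dump of the ruleset the script is meant to produce.
GOOD_DUMP='*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o eth1 -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth1 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth0 -o eth1 -j ACCEPT
COMMIT'
# Same dump with every -A INPUT / -A FORWARD line removed: the state left behind
# when those three commands fail, so only the DROP policies remain.
BROKEN_DUMP=$(printf '%s\n' "$GOOD_DUMP" | grep -Ev '^-A (INPUT|FORWARD) ')

# has DUMP REGEX: succeeds if some line of DUMP matches REGEX
has() { printf '%s\n' "$1" | grep -Eq -- "$2"; }

# audit_ruleset DUMP EXTIF INTIF: prints one word per problem, empty line if clean
audit_ruleset() {
    d=$1 ext=$2 int=$3 out=
    has "$d" '^:FORWARD DROP ' || out="$out forward-policy-not-drop"
    has "$d" "^-A POSTROUTING -o $ext -j MASQUERADE" || out="$out no-masquerade"
    has "$d" "^-A FORWARD -i $int -o $ext -j ACCEPT" || out="$out no-lan-to-wan"
    has "$d" "^-A FORWARD -i $ext -o $int .*ESTABLISHED.* -j ACCEPT" \
        || out="$out no-return-traffic"
    # A FORWARD accept for packets arriving on the external side with no state
    # match would let outside hosts start connections to the LAN.
    if printf '%s\n' "$d" | grep -E -- "^-A FORWARD -i $ext .*-j ACCEPT" \
        | grep -Evq 'ESTABLISHED'; then
        out="$out unsolicited-inbound-allowed"
    fi
    echo "${out# }"
}

audit_ruleset "$GOOD_DUMP" eth1 eth0
audit_ruleset "$BROKEN_DUMP" eth1 eth0
```

On the firewall itself, pass the live ruleset instead of a sample: `audit_ruleset "$(iptables-save)" eth1 eth0` (run as root).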
first PC ---> win98
2nd PC ---> winXP + RH8.0 (dual boot)
My 2nd PC has 2 NICs, which are respectively connected to the internet and to the first PC, for internet connection sharing while I'm using my winXP platform.
Which means, I just know how to make the internet connection sharing through winxp, but not LINUX.
Could somebody please show me how to do so? Your suggestion will be much appreciated.