LinuxQuestions.org
Old 09-13-2003, 10:38 AM   #1
dunmarie
Member
 
Registered: Aug 2003
Location: Johannesburg, South Africa
Distribution: RedHat 9.0; SmoothWall Express
Posts: 43

Rep: Reputation: 15
Firewall


I am setting up a firewall in Linux using Redhat 9.0 (command line). I have loaded the standard "Servers" installation and installed two network cards.
On the one side my private network with IP: 10.xx.xxx.x and on the other a Router connecting to the Internet with a public IP: 196.xx.xxx.xxx.
My firewall, to be, has been set up with one nic (eth1) with IP: 10.xx.xxx.xxx to match my private network and on the other nic (eth0) with a public IP: 196.xx.xxx.xxx.
The firewall software has been set to no firewall in order for me to get the routing right. From the firewall, to be, I can ping my private network as well as the Internet. No problem.
From my private network, with Windows XP and gateway set to my firewall eth0 IP I can ping both nics, but I can't ping the Router nor the Internet.
The following settings have been done:

ifcfg-eth0:
DEVICE=eth0
IPADDR=196.xx.xxx.xxx
NETMASK=255.xxx.xxx.xxx
NETWORK=196.xx.xxx.xxx
BROADCAST=196.xx.xxx.xxx
ONBOOT=yes

ifcfg-eth1:
DEVICE=eth1
IPADDR=10.xx.xxx.xxx
NETMASK=255.xxx.xxx.xxx
NETWORK=10.xx.xxx.xxx
BROADCAST=10.xx.xxx.xxx
GATEWAY=196.xx.xxx.xxx (eth0)
ONBOOT=yes

route:
196.xx.xxx.x * 255.xxx.xxx.x eth0
10.xx.xxx.x * 255.xxx.xxx.x eth1
127.0.0.0 * 255.0.0.0 lo
default 196.xx.xxx.xxx 0.0.0.0 eth0

Iptables is set up to ACCEPT FORWARD
In sysctl.conf the line net.ipv4.ip_forward = 1 is set.

Is there something I am missing?
I can't find anything in the HOWTO's. I am sure it must be something simple.

Will I be able to use this Linux box to set up a VPN and Proxy as well?
It is a PIII 600MHz with 128MB ram.
Any help will be appreciated.
Thanks in advance.
 
Old 09-18-2003, 12:19 AM   #2
Saraev
Member
 
Registered: Apr 2002
Location: Los Gatos, CA
Distribution: boring redhat 9
Posts: 163

Rep: Reputation: 30
I don't quite understand. Is the Linux box the router you're using, or do you have an additional router in between the Linux box and the Internet?

If you have a separate physical router, you need to use a second private network ID between the router and the Linux box. The Linux box shouldn't see the "public" addresses.

If you don't have a separate physical router, the Linux box IS the router, make sure the /proc/sys/net/ipv4/ip_forward file has the "1" in it. I've found that I have to force it with the line "echo "1" >/proc/sys/net/ipv4/ip_forward" in the /etc/rc.local file.
 
Old 09-18-2003, 07:16 AM   #3
dunmarie
Member
 
Registered: Aug 2003
Location: Johannesburg, South Africa
Distribution: RedHat 9.0; SmoothWall Express
Posts: 43

Original Poster
Rep: Reputation: 15
There is a Cisco router with public IP between the firewall and the Internet. I have managed to get it going. Please look at the following post.
http://www.linuxquestions.org/quest...&threadid=82005

Also look at the following link.
http://morizot.net/firewall/gen/

My problem was with the iptables.
Thanks for all the help.
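
The settings discussed in this thread (ip_forward, the FORWARD chain, and the iptables rules the original poster found to be the problem) can be checked in one pass. The script below is an added example, not code from any post here. The function names and the constructed sample dump are hypothetical, eth1 (LAN) and eth0 (WAN) follow post #1, and the source-NAT check is an assumption: the thread does not say which iptables rule was missing, only that hosts with 10.x addresses normally need MASQUERADE or SNAT on the public side for replies to find their way back.

```shell
#!/bin/sh
# Added example: audit what a Linux box needs in order to route a private LAN
# to the Internet. Reads `iptables-save` output on stdin.
# Usage: iptables-save | audit_forwarding "$(cat /proc/sys/net/ipv4/ip_forward)" eth1 eth0
# Prints one OK/FAIL line per check; exit status is the number of failures.

# Print only the lines of one table (filter, nat, ...) from an iptables-save dump.
table_lines() { awk -v t="$1" '/^\*/ { cur = substr($0, 2) } cur == t'; }

audit_forwarding() {
    fwd=$1; lan=$2; wan=$3; fails=0
    dump=$(cat)
    filter=$(printf '%s\n' "$dump" | table_lines filter)
    nat=$(printf '%s\n' "$dump" | table_lines nat)

    # 1. Kernel forwarding switch (net.ipv4.ip_forward, as checked in post #2).
    if [ "$fwd" = "1" ]; then echo "OK   ip_forward=1"
    else echo "FAIL ip_forward=$fwd"; fails=$((fails + 1)); fi

    # 2. filter/FORWARD passes LAN -> WAN: policy ACCEPT or an explicit rule.
    if printf '%s\n' "$filter" | grep -q '^:FORWARD ACCEPT' ||
       printf '%s\n' "$filter" | grep -e '^-A FORWARD ' | grep -e "-i $lan " |
           grep -e "-o $wan " | grep -q -e '-j ACCEPT'; then
        echo "OK   FORWARD allows $lan -> $wan"
    else echo "FAIL FORWARD blocks $lan -> $wan"; fails=$((fails + 1)); fi

    # 3. nat/POSTROUTING rewrites the private source address on the WAN side.
    #    Assumption: the upstream router has no route back to the 10.x network.
    if printf '%s\n' "$nat" | grep -e '^-A POSTROUTING ' | grep -e "-o $wan " |
           grep -q -E -e '-j (MASQUERADE|SNAT)'; then
        echo "OK   source NAT on $wan"
    else echo "FAIL no MASQUERADE/SNAT rule on $wan"; fails=$((fails + 1)); fi
    return "$fails"
}

# Constructed sample: forwarding enabled and FORWARD open, but no nat table.
sample_no_nat() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
EOF
}

sample_no_nat | audit_forwarding 1 eth1 eth0 || echo "failures: $?"
```

An ACCEPT policy on FORWARD passes everything in both directions, so once the audit is clean a firewall would normally tighten that chain to explicit LAN-to-WAN and established-return rules.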
 