Guys I know u are gonna tell me this has been discussed a million times. I have googled and you are right. The stuff that works for most is not workign for me. I can't get guarddog and guidedog to work together. I can't get firestarter to function properly. I can;t use squid. I am to newb to use ipchains. I don't know wtf I am doing in the webmin ipchains. This is like the only thing that i dread of linux networking. I can set up dhcp and ftp but I can;t get the damn thing to sahre internet. Some one please help me, if u get the time/chance. My setup is simple. server has 2 nics eth0 & eth1. eth0 is connected to my cable modem. eth1 is connected to my hub. What do u need from me?

If you're new to this then I would suggest a GUI frontend like Firestarter. It will allow you to easily configure NAT, port forwarding and many other aspects of your LAN firewall quite easily.

I suggest a visit the website, http://firestarter.sourceforge.net, and read the manual.
Version 0.9.3-4 and all dependencies are currently in testing. It should work. Perhaps there's a problem with your hardware.

More details please.

firestarter doesn't recognize my network and when i tell it my network it still doesn;t work. Thats why i said it doesn;t work. the manual has no good trouble shooting guide.

four steps to go:

1.- Install divers for both net cards with modconf. By default Debian does it's best to detect and bring the first card up. Test with ifconfig. You should see entries for eth0 and eth1.

If you find only one card is working, you'll have to bring second card up with something like:
# ifconfig eth1 192.168.1.254 netmask 255.255.0.0 up

2.- Install etherconf. It will help you configure your network cards.
# apt-get install etherconf

If later you want to change your settings just run:
# dpkg-reconfigure etherconf

3.- install iptables
# apt-get install iptables

4.- Install a firewall and make sure it auto-starts on reboot. Copy firewall (or whatever you want to call it) to /etc/init.d/ and then run:
# update-rc.d firewall defaults

Here's a sample very basic firewall which you may want to trim yourself. This has been adapted from:
http://www.linuxguruz.com/iptables/s...rewall_020.txt

-------------------------------------------------
#!/bin/bash
# A basic firewall you must copy to:
# /etc/init.d/firewall
# Parameters.
# Your internet card
OUT_DEV="eth1"
# Your lan netmask and broadcast
LAN_RANGE="192.168.0.0/16"
LAN_BCAST="192.168.255.255"
# Your lan netcard's IP
LAN_IP="192.168.0.1"
# and its name
LAN_DEV="eth0"

# Flush the rules
iptables -F
iptables -t nat -F

# Masquerade ioutgoing requests
iptables -t nat -A POSTROUTING -o $OUT_DEV -j MASQUERADE
# Mask anything going out of your internal network
iptables -t nat -A POSTROUTING -d ! $LAN_RANGE -j MASQUERADE

# Handle internal traffic
iptables -A FORWARD -s $LAN_RANGE -j ACCEPT
iptables -A FORWARD -d $LAN_RANGE -j ACCEPT
iptables -A FORWARD -s ! $LAN_RANGE -j DROP

# Disable invalid incoming packages
iptables -A INPUT -i $OUT_DEV -m state --state NEW,INVALID -j DROP
iptables -A FORWARD -i $OUT_DEV -m state --state NEW,INVALID -j DROP

# Disable port 113
iptables -A INPUT --protocol udp --source-port 113 -j DROP
iptables -A INPUT --protocol udp --destination-port 113 -j DROP

# Start IP forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward

# Route incoming packages to eth0
iptables -A PREROUTING -t nat -p tcp -i $OUT_DEV --dport 80 -j DNAT --to $LAN_IP

# Route ftp traffic to eth0
iptables -A PREROUTING -t nat -p tcp -i $OUT_DEV --dport 21 -j DNAT --to $LAN_IP

# You may start your second net card here:
ifconfig eth1 192.168.1.254 netmask 255.255.0.0 up
-------------------------------------------------------------------

Hope this helps.

I will give this a try within 2 days, hopefully. Thanx for the help.

G

Sorry its been so long. Lots of stuff going on at work so long hours then rack time. I did get firestarter working. I did see the firestarter file in inet.d. How do I make sure that the firewall is starter on boot? I appreciate the help.

linux internet sharing solved. Set up astaro on a pos machine. nwo I can share internet. Now to figure out how to allow my games out.