i have, what i think, is a fairly simple question about firewall setup. basically, i'd like to know how to do it. :-) i have a dedicated machine for my firewall (pII 300, 96 ram) running slackware 8 on the 2.4.17 kernel. i read this howto: http://www.linuxdoc.org/HOWTO/Firewall-HOWTO.html but was unable to successfully configure my machine as it instructed, as i believe the problem lies in that the howto is based on the 2.2.13 kernel, not 2.4.
what i'd like to see is a tutorial, or any references, that explains how to set up a firewall more or less from scratch using iptables. i'd rather not use any prewritten scripts or apps, since i like to learn everything for myself.
my network looks like the following: 3-6 clients (all running linux with the exception of one dual booting slack and XP), cable modem, and my soon-to-be-firewall, which has two linksys nics.
I had just the same problem half a year back. All that you need to solve it is the packet-filtering-HOWTO and, maybe, the NAT-HOWTO. They contain a complete explanation of the iptables ideology, the basics and a lot of examples. Fresh copies of these very nice and useful manuals may be found at netfilter.samba.org, the official site of the iptables developers. And you must know how IP works, of course.
Enjoy! Good slacking!
i looked at a few howtos regarding IP MASQing, but am still unable to get it working.
i actually have a more general question though. i have two nics on my system, one is configured by DHCP (the cable connection) the other with the internal IP of 192.168.1.1. now, what should i put as the gateway for the internal card? i was putting the IP of the external card, but whenever i reinitialize my internal card, i get "host not found: x.x.x.x" (x.x.x.x being my external IP).
E-e.. What is "internal card"? If it's the netcard of an intranet workstation, then the gateway IP is the intranet IP address of your router (192.168.1.xxx in this task). If you spoke about the router, please tell about your IP net configuration. Or I don't understand you?
ok, i'll just kinda restate my intentions here, because i don't think i was clear enough.
basically, i have a cable modem and am currently using a linksys cable router in order to "share" my internet connection across my network. however, i'd like to use a spare linux machine with two nics in order to replace my linksys router.
my nic configuration is as follows:
eth0 connects to the cable modem using DHCP.
eth1 connects to my internal network (intranet) with the IP of 192.168.1.1 and will function as my intranet's gateway. what i've gathered from various howtos and tutorials, is that the gateway for eth1 should be the IP for eth0. however, when i reinitialize eth1, i get an error that says, "unknown host: xxx.xxx.xxx.xxx".
so i'm just looking for some help in order to get my router/firewall setup using IP MASQ and what have you. thanx. :-)
do you know about ifcfgeth0 file or in your case ifcfgeth1 file????
Linux refers back to this file every time networking restarts so you may need to edit this file to how you prefer..... /etc/sysconfig/network-scripts i'm not quite sure about the location in 8 though
slackware's a lot different than redhat. it initializes network devices in /etc/rc.d/rc.inet1 and doesn't use any network-scripts. i'm a redhat and slackware user, so i'm well versed in the differences. :-)
"gateway for eth1 should be the IP for eth0" - it's wrong. A route record in the routing table is attached to the destination IP address of a network or host. A route is associated with some ethX because this route physically lies through this ethX. A gateway definition is needed if the network number in the destination IP differs from the network numbers of all network interfaces of the source host.
For instance, this is routing table of my route-host (192.168.2.0 - intranet, 192.168.1.0 - DMZ, 192.168.2.6 - eth0, 192.168.1.2 - eth1):
Destination     Gateway         Genmask         Flag  Iface
192.168.2.0     0.0.0.0         255.255.255.0   U     eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     eth1
127.0.0.0       0.0.0.0         255.0.0.0       U     lo
0.0.0.0         192.168.1.1     0.0.0.0         UG    eth1
When this host sends a packet to 192.168.2.1, it looks in the routing table and seeks the appropriate route. In this example it's the first route, with eth0 as the source network interface. A gateway is not needed because eth0 and 192.168.2.1 have the common network address 192.168.2.0.
When this host sends a packet to linuxquestions.org (208.247.106.177), it uses the bottom route record (0.0.0.0 - any IP). It sends this packet to 192.168.1.1 from eth1. 192.168.1.1 is a gateway and it sends this packet on to another IP network gateway, etc.
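The lookup described in the post above, as an added example that is not part of the original thread: a longest-prefix match over the posted routing table, plus a check that a gateway sits on a directly connected network. The function names lookup and gateway_on_link are hypothetical.

```python
import ipaddress

# Routing table copied from the post: (destination, genmask, gateway, iface).
ROUTES = [
    ("192.168.2.0", "255.255.255.0", "0.0.0.0", "eth0"),
    ("192.168.1.0", "255.255.255.0", "0.0.0.0", "eth1"),
    ("127.0.0.0", "255.0.0.0", "0.0.0.0", "lo"),
    ("0.0.0.0", "0.0.0.0", "192.168.1.1", "eth1"),
]


def _to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))


def lookup(dst, routes=ROUTES):
    """Return (iface, next_hop) for dst using longest-prefix match.

    For a directly connected network (gateway 0.0.0.0, flag U) the next
    hop is dst itself; for a routed one (flag UG) it is the gateway.
    """
    best = None  # (prefix_length, gateway, iface)
    for dest, mask, gw, iface in routes:
        m = _to_int(mask)
        if _to_int(dst) & m != _to_int(dest):
            continue  # dst is not inside this route's network
        plen = bin(m).count("1")  # more mask bits = more specific route
        if best is None or plen > best[0]:
            best = (plen, gw, iface)
    if best is None:
        raise LookupError("network unreachable: " + dst)
    _, gw, iface = best
    return iface, (dst if gw == "0.0.0.0" else gw)


def gateway_on_link(gw, routes=ROUTES):
    """Return the iface whose connected network contains gw, else None.

    Only gateway-less (flag U) routes count: a gateway has to be
    reachable without going through another gateway.
    """
    direct = [r for r in routes if r[2] == "0.0.0.0"]
    try:
        return lookup(gw, direct)[0]
    except LookupError:
        return None


if __name__ == "__main__":
    for target in ("192.168.2.1", "208.247.106.177"):
        print(target, "->", lookup(target))
```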