LinuxQuestions.org
Old 03-21-2006, 05:35 AM   #1
chrisj05
LQ Newbie
 
Registered: Dec 2005
Posts: 6

Rep: Reputation: 0
Can only Surf - cannot use any other service


Hi guys, I posted this request before, but nothing I have tried seems to help.
The scenario .. I have configured a new RH9 server. It has 2 NICs .. one for our internal NW and the other going to a router. The clients on the internal network can access the internet and surf OK, but they cannot access any other services such as picking up mail from our external mail server, ftp, telnet, P2P (limewire).

I have IPTABLES installed and SQUID. I have disabled the firewall but no difference. I stopped IPTABLES but no difference. I have disabled/stopped SQUID, but this stops the clients from surfing. I am happy that we have 'connection' to the outside world from the internal machines, because if I put our (old) RH7.2 server back on (which is currently dying), we have all services.

I have read many FAQs and questions on the net and tried various approaches but none seem to work. Somebody suggested that I have to IP Forward, but when I tried that I couldn't do anything, (so not sure if I configured it correctly).

Any help MUCH appreciated. Also if you have any suggestions can you detail how to do this.

Cheers
 
Old 03-21-2006, 10:10 PM   #2
uberNUT69
Member
 
Registered: Jan 2005
Location: Tasmania
Distribution: Xen Debian Lenny/Sid
Posts: 578

Rep: Reputation: 30
You probably need to forward and add a masquerade rule to iptables:
Code:
# echo 1 > /proc/sys/net/ipv4/ip_forward
# iptables -t nat -A POSTROUTING -s 192.168.1.202 -j MASQUERADE
where -s 192.168.1.202 is the internal host to masquerade.

You should be able to put something like:
-s 192.168.1.0 or -s 192.168.1.0/24 to allow a subnet
(you'll have to verify that for yourself)
 
Old 03-22-2006, 12:35 AM   #3
chrisj05
LQ Newbie
 
Registered: Dec 2005
Posts: 6

Original Poster
Rep: Reputation: 0
Hi Ubernut, I tried your suggestion. I gather I type these commands at the prompt. When I did this, my clients can no longer surf the net.

Any other help appreciated

Cheers
 
Old 03-22-2006, 12:53 AM   #4
uberNUT69
Member
 
Registered: Jan 2005
Location: Tasmania
Distribution: Xen Debian Lenny/Sid
Posts: 578

Rep: Reputation: 30
Yes, those commands are typed at a prompt.
They can also be put into /etc/network/interfaces as post commands, but that's another issue.
The '#' indicates a prompt, executed as root,
whereas '$' indicates a command typed at the prompt executed by a user.

So everything but the proxy now works for the clients?
You probably need to add a rule to allow the hosts access to the squid port (3128 default?),
and make sure those hosts are in Squid's ACL.
Disable transparent proxying, it's a PITA.

If nothing works, how about you supply more information.
What is the output from the following commands:
Code:
# route -n
# ifconfig -a
What else ...

Ensure that the hosts have networking set up with the RH9 box as the gateway.

You might find this easier if you use a firewall package like shorewall,
install webmin and the shorewall webmin module, and then you've got an easy way
to edit the rules, flush the tables, set up masquerading, etc.
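
An added example, not part of any post in this thread: a shell function that prints the forwarding and masquerade setup discussed above as an iptables-restore ruleset, limited to one internal subnet and one outgoing interface, with the Squid port reachable from the LAN side only. The interface names eth0 (internal) and eth1 (towards the router) and the subnet 192.168.1.0/24 are assumptions; 3128 is the Squid default mentioned in post #4.

```shell
#!/bin/sh
# Added example (not from the thread): emit an iptables-restore ruleset for a
# two-NIC NAT gateway. Assumed names: eth0 = internal NIC, eth1 = NIC facing
# the router, 192.168.1.0/24 = internal subnet, 3128 = Squid port.

gateway_rules() {
    lan_if=$1 wan_if=$2 lan_net=$3 squid_port=${4:-3128}

    # Require CIDR form: a bare "-s 192.168.1.0" is treated as a single host
    # (/32), so no client on the subnet would match the rule.
    case $lan_net in
        */*) ;;
        *) echo "error: subnet must be in CIDR form, e.g. 192.168.1.0/24" >&2
           return 1 ;;
    esac

    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Masquerade only LAN traffic that leaves through the router-facing NIC.
-A POSTROUTING -s $lan_net -o $wan_if -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Squid on the gateway answers LAN clients only, never the router side.
-A INPUT -i $lan_if -s $lan_net -p tcp --dport $squid_port -j ACCEPT
-A INPUT -p tcp --dport $squid_port -j DROP
# New connections may only be forwarded LAN -> router; replies return by state.
-A FORWARD -i $lan_if -o $wan_if -s $lan_net -j ACCEPT
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# Usage, as root:
#   echo 1 > /proc/sys/net/ipv4/ip_forward
#   gateway_rules eth0 eth1 192.168.1.0/24 | iptables-restore
```

iptables-restore replaces the existing contents of the nat and filter tables, so review the printed ruleset before piping it in.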
 
  


All times are GMT -5.