End of my Rope :-)
I can not for the life of me figure out how to enable my linux server to act as a firewall and router for my home network. I have tried nearly every configuration I have found on the board with no luck. Here are the contents of my files
iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination Sysctl.conf # Kernel sysctl configuration file for Red Hat Linux # # For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and # sysctl.conf(5) for more details. # Controls IP packet forwarding net.ipv4.ip_forward = 1 # Controls source route verification net.ipv4.conf.default.rp_filter = 1 # Controls the System Request debugging functionality of the kernel kernel.sysrq = 0 # Controls whether core dumps will append the PID to the core filename. # Useful for debugging multi-threaded applications. kernel.core_uses_pid = 1 dhcpd.conf ddns-update-style interim; ignore client-updates; subnet 192.168.1.0 netmask 255.255.255.0 { # --- default gateway option routers 192.168.1.1; option subnet-mask 255.255.255.0; # option nis-domain "domain.org"; option domain-name "RenfroNet"; option domain-name-servers 192.168.1.1; option time-offset -18000; # Eastern Standard Time # option ntp-servers 192.168.1.1; option netbios-name-servers 192.168.1.1; # --- Selects point-to-point node (default is hybrid). Don't change this unless # -- you understand Netbios very well # option netbios-node-type 2; range dynamic-bootp 192.168.1.128 192.168.1.254; default-lease-time 21600; max-lease-time 43200; # we want the nameserver to appear at a fixed address host ns { hardware ethernet 00:00:39:4B:48:FE; fixed-address 192.168.1.1; } } PLEASE HELP :-) |
Take a look at mine:
# iptables -L Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- localhost anywhere ACCEPT all -- 192.168.1.0/24 anywhere ACCEPT icmp -- anywhere anywhere ACCEPT tcp -- anywhere anywhere tcp dpt:ftp ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ACCEPT tcp -- anywhere anywhere tcp dpt:smtp ACCEPT tcp -- anywhere anywhere tcp dpt:pop-3 ACCEPT tcp -- anywhere anywhere tcp dpt:imaps ACCEPT tcp -- anywhere anywhere tcp dpt:domain ACCEPT udp -- anywhere anywhere udp dpt:domain ACCEPT tcp -- anywhere anywhere tcp dpt:www ACCEPT all -- anywhere anywhere state ESTABLISHED ACCEPT all -- anywhere anywhere state RELATED Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination # iptables -t nat -L Chain PREROUTING (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination MASQUERADE all -- 192.168.1.0/24 anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination ---------------------------------------------------------------------- The "nat" table is what makes it route. Good luck. |
All times are GMT -5. The time now is 03:27 AM. |