I'm running Arch Linux, and wanted to set up a firewall and share my connection with another computer connected through a crossover cable.
The problem is that restarting iptables gives a "line 24 failed" error. (Line 24 is the COMMIT line.) Is anything wrong with this rules file?
Code:
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# ICMP packets
-A INPUT -p icmp --icmp-type 0 -j ACCEPT
-A INPUT -p icmp --icmp-type 3 -j ACCEPT
-A INPUT -p icmp --icmp-type 11 -j ACCEPT
# Only one ping per second
-A INPUT -p icmp --icmp-type 8 -m limit --limit 1/second -j ACCEPT
# http
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
# allow all packets from localhost or the other computer
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth0 -j ACCEPT
COMMIT
For the connection sharing, I took a script I wrote a few months ago and adapted it slightly to Arch. Would this work?
Code:
#!/bin/bash
ifconfig eth0 192.168.0.1 netmask 255.255.255.0
/etc/rc.d/dhcpd start
/etc/rc.d/named start
iptables -t nat -I POSTROUTING 1 -o eth0 -j MASQUERADE
iptables -P FORWARD ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward
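
An added example, not part of the original post: iptables-restore names the COMMIT line when the kernel rejects any rule of the table at commit time, so the sketch below loads the table header plus one rule at a time to show which rule is refused. It assumes a scratch network namespace named fwtest (a hypothetical name, created beforehand with `ip netns add fwtest`) so the live firewall is never touched; the CHECK command can be overridden.

```shell
#!/bin/sh
# Added example: locate the rule behind an iptables-restore "line N failed"
# error that is reported on the COMMIT line.
# CHECK reads a rules file on stdin and fails if it cannot be loaded.
# Assumption: a scratch namespace "fwtest" exists (ip netns add fwtest); needs root.
CHECK=${CHECK:-"ip netns exec fwtest iptables-restore"}

# Constructed sample: a shortened *filter table using rules from the post.
sample_rules() {
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Only one ping per second
-A INPUT -p icmp --icmp-type 8 -m limit --limit 1/second -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
COMMIT
EOF
}

# Print "LINE: rule" for every rule that is refused when loaded on its own.
# Usage: find_bad_rules /path/to/rules-file
find_bad_rules() {
    header="" n=0
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        case $line in
            \**) header=$line ;;            # table name starts a new header
            :*)  header="$header
$line" ;;                                   # chain declarations and policies
            -*)  # header + this single rule + COMMIT, loaded in isolation
                 printf '%s\n%s\nCOMMIT\n' "$header" "$line" |
                     $CHECK >/dev/null 2>&1 ||
                     printf '%s: %s\n' "$n" "$line" ;;
        esac                                # comments and COMMIT are skipped
    done < "$1"
}

# Run against a file only when one is given on the command line.
if [ "$#" -gt 0 ]; then
    find_bad_rules "$1"
fi
```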