Need Help on Simple IPTables Router/Firewall
My first post!
I recently had a go at setting up a WiFi Hotspot using wifidog. This, of course, entails creating a router and I chose to use iptables as this is what wifidog uses anyhow. Hitherto, I had only a vague idea of what iptables is and even less of an idea how to use it. Now, having executed endless Googles and howtos with close to zero success, I am breaking down and asking for help.

My setup is:

wireless AP (DHCP on) -> NIC eth0 -> HP 486 w/Debian Lenny/5 -> NIC eth1 -> wireless router (DHCP on) -> DSL modem -> ... the world

At this point I have no idea what the stumbling block is. I did actually get a simple iptables router working once and I got wifidog working once, but both cases broke without my having changed anything (at least that's my story and I'm sticking to it). When wifidog starts up, there is a 'failed' on every line output to the terminal as wifidog sets up its iptables rules. It is almost as if something is missing on my system, but all the checks I can find, like lsmod | grep ip, which shows 11 modules, seem to indicate that everything is present.

Now, I do not know what question to ask and therein lies my dilemma. One thing that would be helpful to know is whether the syntax is different among the various NIXs. What would be really helpful is a shell script that works to set up a very fundamental router that basically connects two network interfaces and lets all traffic go in both directions (easy for me to figure out the logic) - I found a reference here to there being one in "the Security section" but I cannot seem to find my way there.

So there it is: not only do I need answers, I need the questions too. Please help if you can, as I have come to the end of my rope. Any insights offered will be most appreciated.

Best regards,
Dennis
More info....
I found a brain dead simple two liner at http://www.cyberciti.biz/tips/linux-...-line-etc.html that is supposed to set up a simple router and goes like this (I added the flushing lines):

Code:
iptables -F

Code:
iface lo inet loopback

Code:
Kernel IP routing table

Code:
Chain INPUT (policy ACCEPT 3503 packets, 553K bytes)

Any ideas?

Regards,
Dennis
Eureka!
Fixed it.
It seems that the problem may have been a single line missing:

Code:
iptables -X

BTW, I stowed the working firewall script in /etc/network/if-up.d as instructed in the page at the above noted link.

Regards,
Dennis
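
A minimal two-interface NAT router of the kind asked for in this thread, as an added example that is not taken from the posts or from the linked page. It assumes eth0 is the access-point side and eth1 the upstream side, and router_rules is a hypothetical helper name. It is tighter than "all traffic in both directions": new connections are forwarded only from the first interface to the second, and it begins with the -F/-X cleanup the last post mentions.

```shell
#!/bin/sh
# Added example: prints the iptables commands for a minimal NAT router.
# Assumption: the first argument is the LAN side (eth0 in the thread's
# setup), the second is the WAN side (eth1).
# To apply as root:  router_rules eth0 eth1 | sh -e

# router_rules LAN_IF WAN_IF -> one command per line on stdout
router_rules() {
    lan=$1
    wan=$2
    # The output is meant to be fed to a shell, so accept only plain
    # interface names (no spaces, metacharacters or leading dash).
    for ifc in "$lan" "$wan"; do
        case $ifc in
            ''|-*|*[!A-Za-z0-9._-]*)
                echo "bad interface name: $ifc" >&2
                return 1 ;;
        esac
    done
    [ "$lan" != "$wan" ] || { echo "LAN and WAN must differ" >&2; return 1; }

    # -F empties the built-in chains; -X then deletes leftover
    # user-defined chains (for example from an earlier firewall run),
    # which must be empty and unreferenced before they can be removed.
    # FORWARD defaults to DROP: the LAN may open connections outward,
    # the WAN side may only send replies to them.
    cat <<EOF
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP
iptables -A FORWARD -i $lan -o $wan -j ACCEPT
iptables -A FORWARD -i $wan -o $lan -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -o $wan -j MASQUERADE
sysctl -w net.ipv4.ip_forward=1
EOF
}
```

Running the function on its own only prints the commands, so the rule set can be read before anything on the machine changes.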