Quote:
Originally Posted by matsyuf
I am a newbie and trying to learn how to make a proxy. I made my script through a tutorial and later put it in /etc/init.d/ so that it could boot on system start. Unfortunately, when I connected a computer to the internal interface, I couldn't ping the internal IP, nor could I browse anything. I am asking where I may have gone wrong. Below is my script:
YM:~# cat Firewall.sh
#!/bin/sh
echo -e \n\nLoading YUSUF firewall..\n
IPTABLES=/sbin/iptables
DEPMOD=/sbin/depmode
MODPROBE=/sbin/modprobe
INTIF=eth1
EXTIF=eth0
echo External Interface: $EXTIF
echo Internal Interface: $INTIF
echo Enabling forwarding..
echo 1 > /proc/sys/net/ipv4/ip_forward
echo Enabling DynamicAddr..
echo 1 >/proc/sys/net/ipv4/ip_dynaddr
echo Clearing any existing rules and setting default poilcy..
$IPTABLES -P INPUT ACCEPT
$IPTABLES -F INPUT
$IPTABLES -P OUTPUT ACCEPT
$IPTABLES -F OUTPUT
$IPTABLES -P FORWARD DROP
$IPTABLES -F FORWARD
$IPTABLES -t nat -F
echo FWD: Allow all connections OUT and only existing and related ones IN
$IPTABLES -A FORWARD -i $EXTIF -o $INTIF -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT
$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE
echo -e "\YUSUF firewall\n"
YM:~#
and when I execute it:
YM:~# /etc/init.d/Firewall.sh
nnLoading YUSUF firewall..n
External Interface: eth0
Internal Interface: eth1
Enabling forwarding..
Enabling DynamicAddr..
Clearing any existing rules and setting default poilcy..
FWD: Allow all connections OUT and only existing and related ones IN
\YUSUF firewall
YM:~#
but nothing is working for me yet. The external interface is to my DHCP LAN network.
None of what you posted would create a proxy. It looks like you're trying to make a NAT router instead. This means your LAN boxes will need to be configured to use the LAN IP of the router as their default gateway. BTW, I'm moving this to Networking, as it's not a security question.
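
The two things the reply turns on can be checked from saved command output. The following is an added example, not part of the thread or of the posted script: it tests whether a client's routing table sends its default route to the router's LAN address, and whether an iptables-save dump contains the MASQUERADE and FORWARD rules the script adds. The address 192.168.10.1, the sample route tables and the sample dump are constructed assumptions.

```shell
#!/bin/sh
# Added example. Every address and dump below is constructed for illustration.

# default_gw ROUTES: print the gateway of the default route in `ip route` text.
default_gw() {
    printf '%s\n' "$1" | awk '$1 == "default" && $2 == "via" { print $3; exit }'
}

# client_uses_router ROUTES ROUTER_LAN_IP: succeed only if the client's
# default route points at the router's LAN address.
client_uses_router() {
    gw=$(default_gw "$1")
    [ -n "$gw" ] && [ "$gw" = "$2" ]
}

# router_rules_ok DUMP EXTIF INTIF: succeed only if iptables-save text holds
# the MASQUERADE rule and both FORWARD rules that the posted script adds.
router_rules_ok() {
    printf '%s\n' "$1" | grep -Eq -- "^-A POSTROUTING -o $2 -j MASQUERADE" &&
    printf '%s\n' "$1" | grep -Eq -- "^-A FORWARD -i $3 -o $2 -j ACCEPT" &&
    printf '%s\n' "$1" | grep -Eq -- \
        "^-A FORWARD -i $2 -o $3 .*(RELATED,ESTABLISHED|ESTABLISHED,RELATED) -j ACCEPT"
}

ROUTER_LAN_IP=192.168.10.1    # assumed address of the router's eth1
GOOD_ROUTES='default via 192.168.10.1 dev eth0
192.168.10.0/24 dev eth0 proto kernel scope link src 192.168.10.50'
BAD_ROUTES='192.168.10.0/24 dev eth0 proto kernel scope link src 192.168.10.50'
SAVE_DUMP='*nat
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth1 -o eth0 -j ACCEPT
COMMIT'

for name in GOOD_ROUTES BAD_ROUTES; do
    eval "routes=\$$name"
    if client_uses_router "$routes" "$ROUTER_LAN_IP"; then
        echo "$name: default gateway is the router ($ROUTER_LAN_IP)"
    else
        echo "$name: no default route via $ROUTER_LAN_IP, traffic never reaches the NAT box"
    fi
done
router_rules_ok "$SAVE_DUMP" eth0 eth1 && echo "router: NAT and FORWARD rules present"
```

On live systems the same functions take the output of `ip route show` on the LAN client and `iptables-save` on the router in place of the constructed strings.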