Old 09-13-2003, 09:38 AM   #1
Registered: Aug 2003
Location: Johannesburg, South Africa
Distribution: RedHat 9.0; SmoothWall Express
Posts: 43

Rep: Reputation: 15

I am setting up a firewall in Linux using Redhat 9.0 (command line). I have loaded the standard "Servers" installation and installed two network cards.
On the one side my private network with IP: and on the other a Router connecting to the Internet with a public IP:
My firewall, to be, has been set up with one nic (eth1) with IP: to match my private network and on the other nic (eth0) with a public IP:
The firewall software has been set to no firewall in order for me to get the routing right. From the firewall, to be, I can ping my private network as well as the Internet. No problem.
From my private network, with Windows XP and gateway set to my firewall eth0 IP I can ping both nics, but I can't ping the Router nor the Internet.
The following settings have been done:


DEVICE=eth1 (eth0)

route: * eth0 * eth1 * lo
default eth0

Iptables is set up to ACCEPT FORWARD
In sysctl.conf the line net.ipv4.ip_forward = 1 is set.

Is there something I am missing?
I can't find anything in the HOWTO's. I am sure it must be something simple.

Will I be able to use this Linux box to setup a VPN and Proxy as well?
It is a PIII 600MHz with 128MB ram.
Any help will be appreciated.
Thanks in advance.
Old 09-17-2003, 11:19 PM   #2
Registered: Apr 2002
Location: Los Gatos, CA
Distribution: boring redhat 9
Posts: 163

Rep: Reputation: 30
I don't quite understand. Is the linux box the router you're using, or do you have an additional router in between linux box and the Internet?

If you have a separate physical router, you need to use a second private network ID between the router and the linux box. The linux box shouldn't see the "public" addresses.

If you don't have a separate physical router, the linux box IS the router; make sure the /proc/sys/net/ipv4/ip_forward file has the "1" in it. I've found that I have to force it with the line "echo "1" >/proc/sys/net/ipv4/ip_forward" in the /etc/rc.local file.
Old 09-18-2003, 06:16 AM   #3
Registered: Aug 2003
Location: Johannesburg, South Africa
Distribution: RedHat 9.0; SmoothWall Express
Posts: 43

Original Poster
Rep: Reputation: 15
There is a Cisco router with public IP between the firewall and the Internet. I have managed to get it going. Please look at the following post.

Also look at the following link.

My problem was with the iptables.
Thanks for all the help.
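
The thread mentions two places where forwarding is switched on: net.ipv4.ip_forward in sysctl.conf and the runtime file /proc/sys/net/ipv4/ip_forward. The script below is an added example, not code from any poster in this thread; it compares the two so a mismatch (such as a setting that only holds because rc.local forces it) is visible. The function names and the state labels are assumptions made for this example.

```shell
#!/bin/sh
# Added example: compare runtime IPv4 forwarding with the persistent setting.
# File paths are parameters so the check can also run against copies of the files.

# Print the runtime value (0 or 1) from a /proc-style file, or "unknown".
runtime_forward() {
    if [ -r "$1" ]; then
        tr -d '[:space:]' < "$1"
    else
        printf 'unknown'
    fi
}

# Print the effective net.ipv4.ip_forward value from a sysctl.conf-style file.
# Comment lines (# or ;) are skipped; a later assignment overrides an earlier one.
configured_forward() {
    [ -r "$1" ] || { printf 'unset'; return 0; }
    awk -F= '
        /^[[:space:]]*[#;]/ { next }
        {
            key = $1; val = $2
            gsub(/[[:space:]]/, "", key); gsub(/[[:space:]]/, "", val)
            if (key == "net.ipv4.ip_forward") last = val
        }
        END { printf "%s", (last == "" ? "unset" : last) }
    ' "$1"
}

# Classify the combination of runtime state ($1) and configured state ($2).
forward_state() {
    rt=$(runtime_forward "$1")
    cf=$(configured_forward "$2")
    case "$rt:$cf" in
        1:1) echo "enabled" ;;
        1:*) echo "runtime-only" ;;        # on now, but not set in sysctl.conf
        0:1) echo "config-not-applied" ;;  # sysctl.conf says 1, kernel is not forwarding
        0:*) echo "disabled" ;;
        *)   echo "unknown" ;;
    esac
}

# Run against the live paths named in the thread when called with --live.
if [ "${1:-}" = "--live" ]; then
    forward_state /proc/sys/net/ipv4/ip_forward /etc/sysctl.conf
fi
```

A result of "runtime-only" means forwarding is on but would not be restored from sysctl.conf, and "config-not-applied" means the sysctl.conf line is present but the kernel is not forwarding.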

