LinuxQuestions.org
Old 02-21-2006, 03:29 AM   #1
just1n
LQ Newbie
 
Registered: Nov 2005
Location: South Africa
Distribution: Mandiva 2006
Posts: 8

Rep: Reputation: 0
IP / DNS / FireWall problem


Mandriva 2006 server, dual NICs so that the server can act as a firewall between subnets. External NIC eth0 services the 192.168.10.0/24 subnet (DMZ) and internal NIC eth1 services the 10.10.10.0/24 subnet.

uname -r = 2.6.12-15mdk-i686-up-4GB

We have an ADSL router sitting at 192.168.10.254 which routes all traffic to the WAN and external DNS servers. DHCP is done internally.

The problem I have is that WinXP clients sitting on the 10.10.10.0 network can ping both eth0 and eth1, but cannot ping any other devices on the 192.168.10.0 network, and thus cannot see the router to resolve DNS.

I have added the external DNS server IPs to /etc/resolv.conf on the Mandriva server ... and set eth0 as the gateway dev in /etc/sysconfig/network on the Mandriva box.

I would like all clients on the 10.10.10.0 network to pass traffic from eth1 to eth0, which will then forward traffic to the router and then to the DNS servers. I have tried SQUID, which does not pass all traffic from one subnet to the other, thus all POP/SMTP mail is blocked. I am thinking it might have something to do with NAT, as this Mandriva server will be acting as my primary firewall for all my WinXP clients.

Any help would be greatly appreciated.
 
Old 02-21-2006, 04:10 AM   #2
just1n
LQ Newbie
 
Registered: Nov 2005
Location: South Africa
Distribution: Mandiva 2006
Posts: 8

Original Poster
Rep: Reputation: 0
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  192.168.10.0/24      0.0.0.0/0           state NEW
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:80 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:443 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:25 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:110 state NEW
REJECT     tcp  --  0.0.0.0/0            0.0.0.0/0           reject-with tcp-reset
REJECT     udp  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-port-unreachable

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Last edited by just1n; 02-21-2006 at 04:12 AM.
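
Added example (not part of the thread and not the poster's code): a small Python reader for the `iptables -L -n` listing in post #2 that walks a chain first-match, showing that the filter table's FORWARD chain accepts traffic between the two subnets by policy and that INPUT rule 1, as listed, matches every packet before the later rules are reached. It evaluates only the fields the listing shows; the client address 10.10.10.5 is constructed.

```python
import ipaddress

# Listing from post #2 (`iptables -L -n`: no -v, so interface matches are hidden).
LISTING = """\
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 192.168.10.0/24 0.0.0.0/0 state NEW
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 state NEW
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 state NEW
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 state NEW
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:110 state NEW
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset
REJECT udp -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
"""

def parse(listing):
    """Return {chain: (policy, [rule, ...])} from `iptables -L -n` text."""
    chains, name = {}, None
    for f in (line.split() for line in listing.splitlines()):
        if f and f[0] == "Chain":
            name = f[1]
            chains[name] = (f[3].rstrip(")"), [])
        elif f and f[0] != "target":  # skip blank lines and column headers
            chains[name][1].append((f[0], f[1], f[3], f[4], f[5:]))
    return chains

def verdict(chains, chain, src, dst, proto, dport=None, state="NEW"):
    """First-match walk; returns (rule number or None for policy, target)."""
    policy, rules = chains[chain]
    for n, (target, rproto, rsrc, rdst, opts) in enumerate(rules, 1):
        ok = rproto in ("all", proto)
        ok = ok and ipaddress.ip_address(src) in ipaddress.ip_network(rsrc)
        ok = ok and ipaddress.ip_address(dst) in ipaddress.ip_network(rdst)
        if "state" in opts:  # conntrack state list follows the keyword
            ok = ok and state in opts[opts.index("state") + 1].split(",")
        if any(o.startswith("dpt:") for o in opts):
            ok = ok and f"dpt:{dport}" in opts
        if ok:
            return n, target
    return None, policy

# Constructed client 10.10.10.5 querying the router from the post (prints (None, 'ACCEPT')).
print(verdict(parse(LISTING), "FORWARD", "10.10.10.5", "192.168.10.254", "udp", 53))
```

The walk covers the filter table only; the nat table and the kernel's net.ipv4.ip_forward setting do not appear in the posted listing and are not evaluated.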
 
  


All times are GMT -5.