Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
12-12-2003, 07:09 PM
|
#1
|
LQ Newbie
Registered: Dec 2003
Posts: 7
Rep:
|
Multi Network Firewall Proxy and DHCP Problem
I just set up Multi Network Firewall on my network. Every single time I enable a transparent proxy the internet stops working. Do I need to set up a rule in my firewall rules for this? If so, what does the rule need to be? I already set up a rule enabling all ports to go out to the internet. I don't currently have any reason to block any outgoing ports.
Secondly, I am having a problem with the DHCP. Where can I tell it what dns addresses I want it to assign? It automatically gives itself as the dns but then you can't get out to the internet. If I manually put in my ISP's dns then everything works.
I also just installed it and need to do updates on it. When I go to the updates, the default ftp is there, the ftp.mnf.mandrakesoft.com. I don't know what username or password to use because it doesn't find any updates when I run it. Or how can I change to a different mirror? I think that covers everything. Thank you so much for your help.
Tim
|
|
|
12-12-2003, 08:01 PM
|
#2
|
Member
Registered: Dec 2003
Location: Long Island, NY USA
Distribution: RedHat, SUSE
Posts: 336
Rep:
|
Yes, you don't want to change address when you are routing within your internal network. For example:

  |       |
eth1    eth3
   \     /
    \   /
      |
      |
    eth0
      |

eth1=192.168.0.1/24
eth2=10.0.0.1/24
eth3=12.12.12.12/24
In the nat POSTROUTING rule, insert, not append:
# no address translation between the two internal networks, in either direction
iptables -t nat -I POSTROUTING -s 10.0.0.0/24 -d 192.168.0.0/24 -j ACCEPT
iptables -t nat -I POSTROUTING -s 192.168.0.0/24 -d 10.0.0.0/24 -j ACCEPT
I don't think you need to adjust the prerouting rules, but you might.
Please let me know how it goes.
|
|
|
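Added example, not part of the original posts: a check of why the reply above says to insert rather than append. The nat table stops at the first matching rule, so an ACCEPT exemption that sits after a translating rule never fires. The rule listings are constructed, and the MASQUERADE rules in them are an assumption about how the firewall translates outbound traffic.

```sh
#!/bin/sh
# Added example. Input: lines as printed by `iptables -t nat -S POSTROUTING`.
# Limits: exact CIDR string match only; -o/-i and negated (!) matches are ignored.

# nat_exempt_status SRC DST -> exempt | shadowed | translated | untouched
nat_exempt_status() {
    awk -v src="$1" -v dst="$2" '
        $1 != "-A" || $2 != "POSTROUTING" { next }
        {
            s = ""; d = ""; t = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-s") s = $(i + 1)
                else if ($i == "-d") d = $(i + 1)
                else if ($i == "-j") t = $(i + 1)
            }
            # skip rules that cannot match this source/destination pair
            if ((s != "" && s != src) || (d != "" && d != dst)) next
            if (t == "ACCEPT") { print (natted ? "shadowed" : "exempt"); done = 1; exit }
            if (t == "MASQUERADE" || t == "SNAT") natted = 1
        }
        END { if (!done) print (natted ? "translated" : "untouched") }
    '
}

# Constructed listing: exemption inserted (-I) ahead of the translating rules.
rules_inserted() {
    cat <<'EOF'
-P POSTROUTING ACCEPT
-A POSTROUTING -s 10.0.0.0/24 -d 192.168.0.0/24 -j ACCEPT
-A POSTROUTING -s 10.0.0.0/24 -j MASQUERADE
-A POSTROUTING -s 192.168.0.0/24 -j MASQUERADE
EOF
}

# Constructed listing: the same exemption appended (-A) after them.
rules_appended() {
    cat <<'EOF'
-P POSTROUTING ACCEPT
-A POSTROUTING -s 10.0.0.0/24 -j MASQUERADE
-A POSTROUTING -s 192.168.0.0/24 -j MASQUERADE
-A POSTROUTING -s 10.0.0.0/24 -d 192.168.0.0/24 -j ACCEPT
EOF
}

for sample in rules_inserted rules_appended; do
    printf '%s: %s\n' "$sample" "$($sample | nat_exempt_status 10.0.0.0/24 192.168.0.0/24)"
done
```

On a live firewall, pipe the real listing in instead: `iptables -t nat -S POSTROUTING | nat_exempt_status 10.0.0.0/24 192.168.0.0/24`.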
12-12-2003, 08:30 PM
|
#3
|
LQ Newbie
Registered: Dec 2003
Posts: 7
Original Poster
Rep:
|
I just rebooted the firewall and it started working. Still wondering about my dns issue with dhcp though.
Tim
|
|
|
12-12-2003, 08:52 PM
|
#4
|
Member
Registered: Dec 2003
Location: Long Island, NY USA
Distribution: RedHat, SUSE
Posts: 336
Rep:
|
Did you change the iptables as I suggested or did you just reboot and it just worked?
I am cheezing out here and copying this from man dhcpd
subnet 239.252.197.0 netmask 255.255.255.0 {
  range 239.252.197.10 239.252.197.250;
  default-lease-time 600;
  max-lease-time 7200;
  option subnet-mask 255.255.255.0;
  option broadcast-address 239.252.197.255;
  option domain-name-servers 239.252.197.2, 239.252.197.3;
}
All you need to add is the domain-name-servers line.
|
|
|
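Added example, not part of the original posts: a small audit that reads a dhcpd.conf and reports which DNS servers each subnet's clients will be handed, taking a subnet-level `option domain-name-servers` over a global one. The sample configuration and its addresses are constructed, and the parser assumes the one-statement-per-line layout shown in the reply above.

```sh
#!/bin/sh
# Added example. Input: dhcpd.conf text on stdin, one statement per line.
# Output: one "<subnet> <dns-list|MISSING>" line per subnet declaration.
dhcp_dns_report() {
    awk '
        { sub(/#.*/, "") }                                   # strip comments
        /^[ \t]*subnet[ \t]/ { cur = $2; order[++n] = cur; dns[cur] = "" }
        /option[ \t]+domain-name-servers/ {
            line = $0
            sub(/.*domain-name-servers[ \t]+/, "", line)     # keep the value only
            sub(/;.*/, "", line)
            gsub(/[ \t]/, "", line)
            if (cur != "") dns[cur] = line; else global = line
        }
        {
            # track brace depth so nested blocks do not end the subnet early
            depth += gsub(/[{]/, "{"); depth -= gsub(/[}]/, "}")
            if (depth == 0) cur = ""
        }
        END {
            for (i = 1; i <= n; i++) {
                v = (dns[order[i]] != "") ? dns[order[i]] : global
                print order[i], ((v != "") ? v : "MISSING")
            }
        }
    '
}

# Constructed sample: one subnet without a DNS option, one with.
sample_conf() {
    cat <<'EOF'
default-lease-time 600;
subnet 192.168.0.0 netmask 255.255.255.0 {
  range 192.168.0.100 192.168.0.200;   # no DNS option here
}
subnet 10.0.0.0 netmask 255.255.255.0 {
  range 10.0.0.100 10.0.0.200;
  option domain-name-servers 10.0.0.2, 10.0.0.3;
}
EOF
}

sample_conf | dhcp_dns_report
```

Against the real file, run `dhcp_dns_report < /etc/dhcpd.conf`; a `MISSING` line marks a subnet for which this file sets no DNS server at either level.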
12-13-2003, 03:29 AM
|
#5
|
LQ Newbie
Registered: Dec 2003
Posts: 7
Original Poster
Rep:
|
All I did was reboot the firewall and it worked. I'm not at home so I can't check right now, but what file do I need to edit for what you said?
Tim
|
|
|
12-13-2003, 07:54 AM
|
#6
|
Member
Registered: Dec 2003
Location: Long Island, NY USA
Distribution: RedHat, SUSE
Posts: 336
Rep:
|
It is /etc/dhcpd.conf.
I might have misunderstood you.
Are you running a dhcp server?
This file should exist on the server that is running dhcp.
|
|
|
12-13-2003, 05:09 PM
|
#7
|
LQ Newbie
Registered: Dec 2003
Posts: 7
Original Poster
Rep:
|
MNF is running dhcp. My problem is that it won't let me manually assign dns servers. I also run dns and need to specify, I'll take a look at the file. Anyone know about the issues with not getting any updates listed?
|
|
|
12-13-2003, 05:23 PM
|
#8
|
Member
Registered: Dec 2003
Location: Long Island, NY USA
Distribution: RedHat, SUSE
Posts: 336
Rep:
|
So your firewall is acting as a dhcp server handing out addresses to your internal network, and you want it to tell the machines not only what ip they should use but also what dns server to use.
With redhat the configuration file is /etc/dhcpd.conf.
What distro are you using?
|
|
|
12-13-2003, 06:15 PM
|
#9
|
LQ Newbie
Registered: Dec 2003
Posts: 7
Original Poster
Rep:
|
It is the mandrake multi network firewall. This is specifically designed to be just a firewall.
|
|
|
12-13-2003, 06:26 PM
|
#10
|
Member
Registered: Dec 2003
Location: Long Island, NY USA
Distribution: RedHat, SUSE
Posts: 336
Rep:
|
Does this firewall act as the dhcp server for your network? Not, does it acquire its address from a dhcp server.
What is the output from
ps -ef | grep dhcpd;
rpm -ql dhcp;
I am going out for the night, I will get back to you tomorrow.
|
|
|
12-13-2003, 08:23 PM
|
#11
|
LQ Newbie
Registered: Dec 2003
Posts: 7
Original Poster
Rep:
|
Yes, it is the dhcp server for my network, and I have resolved this problem. It was an edit to the dhcpd.conf file.
Tim
|
|
|
All times are GMT -5. The time now is 09:54 PM.