LinuxQuestions.org


maku99 07-02-2005 02:59 PM

yast2 firewall query
 
After many faithful years my Mandrake 366MHz gateway has died. I have downloaded SUSE 9.3 and installed it into an old P4 1.7GHz machine.
The problem:
On my old box the only config I had was to set up my ADSL (btbroadband), OK,
then su in and echo 1 ip_forward and then add iptable -t nat -A POSTROUTING -s 192.xxx.xxx.xxx/24 Masquerade and same but on eth0 to allow other machines on the network to see the gateway at 192.xxx.xxx.xxx as their gateway and DNS.

New box connects to the web OK and I can ping the static eth1 address and its act light blinks,
but no internet access.

Have tried all I can, browsed till my fingers bled!!

Is there something dumb that I'm missing?
People seem to be mentioning yast2 firewall and I've been there, so here are my settings:

dsl0 BTbroadband no zone selected
eth0 Allied Telesyn 2500 external (#to the dsl line)
eth1 HP 10/100 internal static ip

Any help please.

Capt_Caveman 07-04-2005 07:01 AM

Usually this is pretty easy to set up using the Yast2 firewall administration module. Once you start it, make sure that you've selected the proper interfaces for your internal and external networks and make sure to select the "enable forwarding and do masquerading" option. Then save the settings. That will enable port forwarding and perform NAT (masquerading).
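
The forwarding-plus-masquerading setup this reply describes, written out as plain iptables commands in an added example (not part of the original thread, and not the rule set YaST itself generates). The function name `gateway_rules`, the interface roles (eth0 external, eth1 internal) and the 192.168.0.0/24 LAN are assumptions; the script only prints the commands so they can be reviewed before being run as root.

```shell
#!/bin/sh
# Added example: prints (does not apply) iptables commands for a two-NIC
# NAT gateway. Interface names and the subnet are assumptions.

gateway_rules() {
    ext_if=$1   # interface facing the modem/ISP (assumed eth0)
    int_if=$2   # interface facing the LAN (assumed eth1)
    lan=$3      # LAN subnet in CIDR form (assumed 192.168.0.0/24)

    [ -n "$ext_if" ] && [ -n "$int_if" ] && [ -n "$lan" ] || {
        echo "usage: gateway_rules EXT_IF INT_IF LAN_CIDR" >&2
        return 2
    }
    if [ "$ext_if" = "$int_if" ]; then
        echo "external and internal interface must differ" >&2
        return 2
    fi

    # Forwarding is off by default; the FORWARD chain then defaults to DROP
    # so only LAN-originated traffic and its replies cross the gateway.
    cat <<EOF
sysctl -w net.ipv4.ip_forward=1
iptables -P FORWARD DROP
iptables -A FORWARD -i $int_if -o $ext_if -s $lan -j ACCEPT
iptables -A FORWARD -i $ext_if -o $int_if -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -s $lan -o $ext_if -j MASQUERADE
EOF
}

# Print the rule set for the layout assumed above.
gateway_rules eth0 eth1 192.168.0.0/24
```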

maku99 07-05-2005 10:16 AM

re:yast2
 
Spent 3hrs playing with yast2 settings both in securityandusers>firewall and in system>firewall>susefirewall2. Have got eth0 on DHCP (to BT broadband modem) Voyager 205 OK.
eth1 private internal network.
Crazy I know, but I can ping 192.168.0.1 gateway addr on eth1, ttl64 OK.
Then I use ifconfig to get eth0 DHCP addr, ext eth 192.168.1.3; I can ping that too.
Then I ping an external FTP server on 210.xxx.xxx.xxx, ttl32 OK.
But when I try and ping www.yahoo.com I get unreachable and no internet.

My old machine Mandrake 9.0 new PSU works fine, this is nutz.
Any help, and thanks for the post.

Capt_Caveman 07-05-2005 10:29 AM

In that case (you can ping by IP address but not hostname) it sounds like the problem is DNS related and your internal host is not resolving hostnames. Check /etc/resolv.conf and make sure that the entries for your ISP's DNS servers are there.

maku99 07-05-2005 05:07 PM

re:dns entries
 
May sound thick, but could I use the entries in the Mandrake resolv. file as the ones to enter in the SUSE file?

I read in an iptables setup about resolv file entries. I will try. What should I be looking at, please?

Many thanks again. I want this to work. Ms$ is a necessary evil to many but I think Linux is the future.

Regards

Capt_Caveman 07-05-2005 07:09 PM

That may work, depending on how often your ISP changes the IP address of its nameservers. If they change often, then you'll have problems resolving hostnames and have to update the IPs manually. Is this happening on the internal machines or on the gateway host?

Sharad9988 07-06-2005 11:20 PM

I'm new to SUSE. Please tell me more about the firewall for SUSE.

maku99 07-07-2005 02:40 PM

firewalls issue 4 sharaad
 
Sharaad, try this site for iptables/firewall rules etc. Please post a new thread for all future queries. Best of luck. maku99 (http://iptables-tutorial.frozentux.net/)


Now where was I, Capt Caveman: local (internal) network works fine on old gateway, talking to you now. New gateway can browse, post, email, p2p OK but internal network gets nada.

I agree it must be a DNS problem, but not knowing is a real pain. I've checked all cables, changed network cards over, done hardware stuff.

Thanks for your time, it's really appreciated. I've spent lots of time spreading the Linux word; it's nice to see I'm not alone.

regards maku99

Capt_Caveman 07-07-2005 06:43 PM

So just to get this straight, you can ping hosts from the internal network by IP address but not by hostname? Try yahoo for example; 'ping 68.142.226.33' works but 'ping www.yahoo.com' does not?

maku99 07-08-2005 11:22 AM

ping by no. only
 
Yep, spot on. I can ping from any local internal machine to an IP address fine but not by name. I have been reading up on DNS and have looked at resolv.conf in etc and also in dhcpd, as the forums here at LinuxQuestions have threads on resolv problems and DNS errors. Some suggest adding lo to the resolv.conf file, others say to create a script of my own to point to DNS. Also there are issues when your ISP renews your lease IP and it doesn't update via this.

Also there are some obscure refs to named and possible missing entries here too.

This is giving me bags under the eyes and a headache. Gonna beat it though.
Thanks.

Capt_Caveman 07-08-2005 06:46 PM

I'd take a look at the /etc/resolv.conf of the gateway system that has working DNS and copy the nameservers from there into the internal hosts' /etc/resolv.conf file. If that doesn't work, you may need to run dhcpd on the gateway and have the internal clients grab the IPs and nameservers from there.
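
The "ping by IP works, ping by name fails" triage from the replies above, as an added example that is not part of the original thread. The function names and the sample resolv.conf (a client pointed at the gateway's LAN address 192.168.0.1) are constructed for illustration; `probe_cmds` prints one direct `dig` query per configured server so each can be checked on its own.

```shell
#!/bin/sh
# Added example: triage for a LAN client that can ping by IP but not by name.
# File contents and addresses below are constructed for illustration.

# Print the nameserver addresses from a resolv.conf-style file, one per line.
nameservers() {
    awk '$1 == "nameserver" && $2 != "" { print $2 }' "$1"
}

# Classify a client from three observations:
#   $1 ok|fail  ping to an external IP address
#   $2 ok|fail  ping to an external hostname
#   $3 path to the client's resolv.conf
diagnose() {
    total=$(nameservers "$3" | grep -c . || true)
    remote=$(nameservers "$3" | grep -vc '^127\.' || true)
    if [ "$1" != ok ]; then
        echo routing            # forwarding/NAT on the gateway comes first
    elif [ "$2" = ok ]; then
        echo healthy
    elif [ "$total" -eq 0 ]; then
        echo no-nameserver      # the resolver has nobody to ask
    elif [ "$remote" -eq 0 ]; then
        echo loopback-only      # needs a DNS service running on this host
    else
        echo check-nameserver   # listed server is wrong or does not answer
    fi
}

# Print one direct query per configured server, to see which of them answers.
probe_cmds() {
    nameservers "$1" | while read -r ns; do
        echo "dig @$ns www.yahoo.com +time=2 +tries=1"
    done
}

# Constructed client config: DNS pointed at the gateway's LAN address.
sample=$(mktemp)
printf '# constructed sample\nsearch lan\nnameserver 192.168.0.1\n' > "$sample"
diagnose ok fail "$sample"
probe_cmds "$sample"
```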

maku99 07-09-2005 06:28 PM

success
 
Capt Caveman, thought I would share the solution and the problem with you; after all, without you I'd have had a nervous breakdown by now.

I wiped the server and installed Mandrake. It worked, but only with the old BT flat fish modem in situ at the old server cupboard. I looked at the new "modem", Voyager 205; on the box it says router, so I look at web searches for routers. These send a DNS address to the machine telling it that it deals with any DNS resolution. So I'm trying to reroute DNS through my server then re-resolve through the router, duh!

Simply change client networking to DNS of router and bingo: Linux port forwards and router DNS.

Aaahhh!! The smell of success.

Many thanks again, you are a star for sticking with me.

Any help I can offer is yours.

Good travels and be lucky!

Capt_Caveman 07-10-2005 12:14 PM

Interesting, I haven't come across a router/modem that does it that way. Nice job on troubleshooting the problem.


All times are GMT -5.