LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 01-10-2005, 09:22 PM   #1
tank728
Member
 
Registered: Sep 2003
Posts: 142

Rep: Reputation: 17
dnsmasq problem, nat not working


How it is going fellas? Unfortunately no so well for me. I want to upgrade my linksys router to a full time slack router. So let me lay it down for you. I have my cable modem plug into eth0, and i am getting a public ip (I am writing this post from the box now). eth1 is plugin to my network, and is statically assigned 192.168.0.1. All of my clients are getting an private ip, with in the range set forth in my /etc/dnsmasq.conf file. When I ping gw (192.168.0.1) it works, but when I ping google, i get time out, but included with the output of ping is the ip address of google, so that rules out dns. I get the feeling that I have to open up port 80 with iptables, but I am not sure if that is the proble, because I do not know a lot about using iptables. I have also started /etc/rc.d/rc.ip_forward. I will be glad to post any config file you request. Thanks alot fellas

-tank
 
Old 01-10-2005, 09:55 PM   #2
davidsrsb
Member
 
Registered: Oct 2003
Location: Kuala Lumpur, Malaysia
Distribution: Slackware 13.37 current
Posts: 770

Rep: Reputation: 33
Why use Slackware as a firewall? IPCop and M0n0wall are far more optimised.
 
Old 01-10-2005, 10:08 PM   #3
tank728
Member
 
Registered: Sep 2003
Posts: 142

Original Poster
Rep: Reputation: 17
I understand your point, but I would like to house some other things on this box as well: ftp, ssh, samba (network drive), cups (network printer), and squid. But this is all in due time.

-tank
 
Old 01-10-2005, 10:32 PM   #4
soylentgreen
Member
 
Registered: Sep 2004
Location: old village
Distribution: android, BSD, CentOS, Ubuntu
Posts: 221

Rep: Reputation: 30
in
/etc/resolv.conf
add

nameserver = X.X.X.X
if you have dnsmasq setup on 192.168.0.1 then its that after the '='
 
Old 01-10-2005, 10:33 PM   #5
soylentgreen
Member
 
Registered: Sep 2004
Location: old village
Distribution: android, BSD, CentOS, Ubuntu
Posts: 221

Rep: Reputation: 30
and i love my slackware router...
 
Old 01-10-2005, 10:35 PM   #6
soylentgreen
Member
 
Registered: Sep 2004
Location: old village
Distribution: android, BSD, CentOS, Ubuntu
Posts: 221

Rep: Reputation: 30
DRAT!!!

ok.. i don't know how to edit my post...

its not
'nameserver = 192.168.0.1'
it's
'nameserver 192.168.0.1'

sorry...
really.. i'm sorry.
 
Old 01-10-2005, 10:44 PM   #7
tank728
Member
 
Registered: Sep 2003
Posts: 142

Original Poster
Rep: Reputation: 17
Not quite sure of your post (posts , but yes dnsmasq is running on 192.168.0.1 (eth1). My /etc/resolv.conf looks like this, on my slack router.

Code:
nameserver 167.206.3.224
nameserver 167.206.3.223
nameserver 167.206.3.158
Those would be from my isp.

client /etc/resolv.conf

Code:
nameserver 192.168.0.1
I have tried adding my routers resovl.conf to my client, but no dice.

-tank
 
Old 01-11-2005, 01:40 PM   #8
tank728
Member
 
Registered: Sep 2003
Posts: 142

Original Poster
Rep: Reputation: 17
I would like to thank you guys for you help, but I have a one other
question. Using iptables, how do I block specific ports on a
specific network cards? I want to set up samba and cups, but I do
not want the Internet to have them. For example I want to block
port 631 on eth0 (connect to my modem) and keep it open on eth1,
so my network will have access. Can I define this in cupsd.conf. With
samba, I believe in the [global] section you can add "interfaces = ethX"
and it will only broadcast on those specified nics. Thanks alot.

-tank
 
Old 01-11-2005, 11:37 PM   #9
soylentgreen
Member
 
Registered: Sep 2004
Location: old village
Distribution: android, BSD, CentOS, Ubuntu
Posts: 221

Rep: Reputation: 30
did you get everything working??

i have a completely slackware network.. and i swear i'll try to be more lucid in my next posts..

please let me know if anything isn't doing anything.
 
Old 05-26-2006, 05:15 PM   #10
zhjim
Senior Member
 
Registered: Oct 2004
Distribution: Debian Squeeze x86_64
Posts: 1,748
Blog Entries: 11

Rep: Reputation: 233Reputation: 233Reputation: 233
Regarding you iptables question. You should normaly block everything with setting the policies and only allowed specific ports to be open. Something like

iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP

to have everything dropped coming from (output), to (INPUT) and through (FORWARD) your box. And then allow special ports

iptables -A INPUT -i eth1 -j ACCEPT
iptables -A OUTPUT -o eth1 -j ACCEPT

to allow all traffic from and to your homenetwork.

check out the man page of iptables or take a look at

http://sourceforge.net/search/?type_...omeLanSecurity
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
dnsmasq problem in Mandrake LM pundun Linux - Networking 1 11-21-2005 11:12 PM
NAT not working varun_saa Mandriva 11 12-29-2004 12:19 PM
Susefirewall2 Nat Problem / nat 1:1 trubi Linux - Distributions 0 07-20-2004 06:50 AM
Working with NAT, need help with source code and technical specs Sparticus Linux - Networking 1 07-10-2004 02:55 AM
nat not working! the_y_man Linux - Networking 4 03-13-2004 01:41 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 02:24 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration