[101756] in RedHat Linux List
Re: IP Masq not forwarding packets...
daemon@ATHENA.MIT.EDU (James Ervin)
Sun Nov 29 07:36:14 1998
Date: Sun, 29 Nov 1998 07:35:19 -0500
To: redhat-list@redhat.com
From: James Ervin <james@kites.org>
In-Reply-To: <Pine.LNX.3.96.981129002342.11855A-100000@absolutesports.co
m>
Resent-From: redhat-list@redhat.com
Reply-To: redhat-list@redhat.com
I do not know about 5.2, but on 5.1 and previous you needed to recompile
the kernel to get it to work.
You say you have no firewall rules in place. How have you told it to do
the masq? How have you told it to foward your packets?. You need some
sort of firewall that at least will do the masq. Try out this after
recompiling your kernel:
Start Script:
# Flush previous rules
/sbin/ipfwadm -I -f
/sbin/ipfwadm -O -f
/sbin/ipfwadm -F -f
# Set default policy to accept, change this once you get masq working
/sbin/ipfwadm -F -p deny
/sbin/ipfwadm -I -p accept
/sbin/ipfwadm -O -p accept
/sbin/ipfwadm -F -a m -P tcp -S "$LOCALNET" -D "$ANYWHERE"
/sbin/ipfwadm -F -a m -P udp -S "$LOCALNET" -D "$ANYWHERE"
End script.
This sets up a basic firewall that will allow you to start testing masq.
One that works, you can tighten up on the rules.
Good luck.
>
>IP forwarding is enabled (/etc/sysconfig/network), I have no firewall
>rules in place yet, and /proc/...ipv4/ip_masquerade contains a 1.
>
>Any suggestions as to what I may have overlooked?
end
James Ervin
Night: james@kites.org
http://www.kites.org
Day: james@liberty.ci.bedford.va.us
http://www.ci.bedford.va.us
Check out the WebCam:
http://camera.ci.bedford.va.us
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com http://archive.redhat.com
To unsubscribe: mail redhat-list-request@redhat.com with
"unsubscribe" as the Subject.
