Firewall Wizards mailing list archives
Re: Help!!! Trying to get firewall running but I don't know what I'm doing wrong!
From: rob.roberson () verizon com
Date: Tue, 14 Aug 2001 07:50:06 -0400
Afroz,

Linux firewalls require IP forwarding to be turned on before they will pass packets. Try this from a command prompt:

    echo 1 > /proc/sys/net/ipv4/ip_forward

If it starts working, add this line to your firewall script.

~Rob Roberson
SPEC - Systems Analyst
Verizon Data Services

If you smile at me, I will understand
'Cause that is something everybody everywhere does
In the same language.
- David Crosby

"Afroz Nissar" <afroz000 () hotmail com>
Sent by: firewall-wizards-admin () nfr com
08/10/2001 08:35 AM

To: firewall-wizards () nfr com
cc:
Subject: [fw-wiz] Help!!! Trying to get firewall running but I don't know what I'm doing wrong!

Hey everyone!!!

Ok.... first of all.... let me say that I am new to networking and everything related to it. I'm just a student and I'm not one of those whiz kids! So please forgive me if my question is really stupid or has a totally obvious answer!!

I am currently working on setting up IP Masquerading and a firewall (on separate computers) for a network. At the moment, the IP Masquerading works fine and the firewall consists of no restrictions whatsoever. All its policies are accept, hence, theoretically, it should just allow everything to pass through it (This is just for testing purposes).

On my IP masq and firewall machines, I have installed Redhat 7.1 and upgraded iptables to version 1.2.2 and the kernel to 2.4.4. Both these computers have 2 NIC's. Here is a diagram of the setup:

     _____________               ___
    |  Internal   |-------------| H |          ____________
    |  Network    |-------------| U |   eth1  |    MASQ    |
    |    of 5     |-------------| B |---------|____________|
    |  computers  |-------------|   |               |eth0
    |_____________|-------------|___|               |
                                               _____|______
                                              |____HUB_____|
                                                    |
                                                    |eth1
                                               _____|______
                                              |     FW     |
                                              |____________|
                                                    |eth0
                                               _____|______
                                              |   Router   |
                                              |____________|
                                                    |
                                                 INTERNET

The computers on the internal network have 192.168.0.x addresses and eth1 of the Masq computer has the address 192.168.0.1. eth0 of Masq has a real IP address.
eth0 and eth1 of the firewall also have real IP addresses.

This is my problem.... I know that the masking of the internal computers works fine but for some reason information does not pass through the firewall. From the internal computers I can ping the Masq computer. From the firewall, I can ping the internet. But I can't ping the firewall from the Masq computer or vice-versa with the above setup. But... if I connect eth1 of the firewall to the router and eth0 of the firewall to the hub.... then I can ping between the Masq and the firewall but I cannot ping from the firewall to the internet. I have tested both NIC's separately so I know that they work fine.

I'm pretty sure it's something really simple and basic that I am missing out here... but I just can't figure out what it is!!!! I guess it's probably because of my inexperience.... So I would be really grateful if someone could help me out here!!

Once again... I'm really really really sorry if it's something stupid or obvious!!! I'm still in the very early stages of the learning process!!!

I thank you all!!!

Afroz.

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards
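
A check that follows from the reply above, as an added example that is not part of the original thread: a shell audit that compares the runtime forwarding switch with the boot-time setting in /etc/sysctl.conf. The function names, the root-directory argument and the sample tree are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit IPv4 forwarding on a Linux box that must route.
# Each function takes a root directory so it can read a copy of the files;
# an empty root means the live system.

# Runtime switch, the file the reply writes to. Prints 1, 0 or "unknown".
runtime_forward() {
    f="$1/proc/sys/net/ipv4/ip_forward"
    if [ -r "$f" ]; then tr -d ' \n' < "$f"; else printf unknown; fi
}

# Boot-time value: last uncommented net.ipv4.ip_forward assignment in
# /etc/sysctl.conf. Prints 1, 0 or "unset".
persistent_forward() {
    f="$1/etc/sysctl.conf"
    v=""
    [ -r "$f" ] && v=$(sed -n \
        's/^[[:space:]]*net[./]ipv4[./]ip_forward[[:space:]]*=[[:space:]]*\([01]\)[[:space:]]*$/\1/p' \
        "$f" | tail -n 1)
    printf '%s' "${v:-unset}"
}

# Combine both into one verdict line of the form "token: explanation".
forward_verdict() {
    r=$(runtime_forward "$1")
    p=$(persistent_forward "$1")
    case "$r:$p" in
        1:1) echo "on-persistent: forwarding on, sysctl.conf keeps it on" ;;
        1:*) echo "on-runtime-only: forwarding on, sysctl.conf will not re-enable it at boot" ;;
        0:1) echo "off-until-reboot: forwarding off now, sysctl.conf enables it at boot" ;;
        0:*) echo "off: packets are not routed between interfaces" ;;
        *)   echo "unknown: cannot read the runtime switch" ;;
    esac
}

# Constructed sample tree (not taken from the thread): switch set by hand,
# sysctl.conf still carrying the value 0.
make_sample() {
    mkdir -p "$1/proc/sys/net/ipv4" "$1/etc"
    echo 1 > "$1/proc/sys/net/ipv4/ip_forward"
    printf '# Controls IP packet forwarding\nnet.ipv4.ip_forward = 0\n' \
        > "$1/etc/sysctl.conf"
}

forward_verdict "${1:-}"   # no argument: audit the live system
```

The on-runtime-only verdict is expected on a machine whose startup firewall script performs the echo itself, as the reply suggests.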
Current thread:
- Help!!! Trying to get firewall running but I don't know what I'm doing wrong! Afroz Nissar (Aug 10)
- <Possible follow-ups>
- Re: Help!!! Trying to get firewall running but I don't know what I'm doing wrong! rob . roberson (Aug 16)