Firewall Wizards mailing list archives
Re: Help!!! Trying to get firewall running but I don't know what I'm doing wrong!
From: rob.roberson () verizon com
Date: Tue, 14 Aug 2001 07:50:06 -0400
Afroz,
Linux firewalls require IP forwarding to be turned on before they will pass
packets. Try this from a command prompt:
echo 1 > /proc/sys/net/ipv4/ip_forward
If it starts working, add this line to your firewall script.
~Rob Roberson
SPEC - Systems Analyst
Verizon Data Services
If you smile at me, I will understand
'Cause that is something everybody everywhere does
In the same language.
- David Crosby
"Afroz Nissar" <afroz000 () hotmail com>
Sent by: firewall-wizards-admin () nfr com
08/10/2001 08:35 AM
To: firewall-wizards () nfr com
cc:
Subject: [fw-wiz] Help!!! Trying to get firewall running but I don't know what I'm doing wrong!
Hey everyone!!!
Ok.... first of all.... let me say that I am new to networking
and everything related to it. I'm just a student and I'm not one of
those whiz kids! So please forgive me if my question is really stupid
or has a totally obvious answer!! I am currently working on setting up
IP Masquerading and a firewall (on separate computers) for a network.
At the moment, the IP Masquerading works fine and the firewall
consists of no restrictions whatsoever. All its policies are accept,
hence, theoretically, it should just allow everything to pass through
it (This is just for testing purposes). On my IP masq and firewall
machines, I have installed Redhat 7.1 and upgraded iptables to version
1.2.2 and the kernel to 2.4.4. Both these computers have 2 NICs. Here
is a diagram of the setup:
 _______________               ___
|   Internal    |-------------| H |            ___________
|   Network     |-------------| U |    eth1   |   MASQ    |
|     of 5      |-------------| B |-----------|___________|
|   computers   |-------------|   |                 |eth0
|_______________|-------------|___|                 |
                                               _____|______
                                              |____HUB_____|
                                                    |
                                                    |eth1
                                               _____|______
                                              |     FW     |
                                              |____________|
                                                    |eth0
                                               _____|______
                                              |   Router   |
                                              |____________|
                                                    |
                                                 INTERNET
The computers on the internal network have 192.168.0.x addresses and
eth1 of the Masq computer has the address 192.168.0.1. eth0 of Masq
has a real IP address. eth0 and eth1 of the firewall also have real IP
addresses.
This is my problem.... I know that the masking of the internal
computers works fine but for some reason information does not pass
through the firewall. From the internal computers I can ping the Masq
computer. From the firewall, I can ping the internet. But I can't ping
the firewall from the Masq computer or vice-versa with the above
setup. But... if I connect eth1 of the firewall to the router and eth0
of the firewall to the hub.... then I can ping between the Masq and
the firewall but I cannot ping from the firewall to the internet. I
have tested both NICs separately so I know that they work fine. I'm
pretty sure it's something really simple and basic that I am missing
out here... but I just can't figure out what it is!!!! I guess it's
probably because of my inexperience.... So I would be really grateful
if someone could help me out here!! Once again... I'm really really
really sorry if it's something stupid or obvious!!! I'm still in the
very early stages of the learning process!!!
I thank you all!!!
Afroz.
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards
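The check suggested in the reply above, generalized slightly as an added example (not part of the original thread): a POSIX shell diagnostic that tests both the kernel forwarding switch and the filter-table FORWARD policy. The function names and verdict strings are made up for illustration, and the sample ruleset is constructed.

```shell
#!/bin/sh
# Added example, not from the thread. A Linux box routes between its NICs only
# when BOTH hold: the kernel switch in /proc/sys/net/ipv4/ip_forward is 1, and
# the filter table's FORWARD chain lets the packet through. All-ACCEPT policies
# (the poster's test setup) satisfy the second condition only.

# forwarding_enabled FILE: succeeds when FILE (an ip_forward copy) holds "1".
forwarding_enabled() {
    [ -r "$1" ] && [ "$(tr -d '[:space:]' < "$1")" = "1" ]
}

# forward_policy FILE: prints the filter-table FORWARD policy found in
# iptables-save output; fails when the chain is not listed.
forward_policy() {
    awk '/^\*/ { table = substr($1, 2) }
         table == "filter" && $1 == ":FORWARD" { print $2; found = 1 }
         END { if (!found) exit 1 }' "$1"
}

# diagnose IP_FORWARD_FILE RULES_FILE: prints a one-word verdict (hypothetical
# labels). A non-ACCEPT policy passes traffic only where an explicit rule does.
diagnose() {
    policy=$(forward_policy "$2") || { echo "no-forward-chain"; return 1; }
    if ! forwarding_enabled "$1"; then
        echo "kernel-forwarding-off"; return 1
    fi
    if [ "$policy" != "ACCEPT" ]; then
        echo "forward-policy-$policy"; return 1
    fi
    echo "ok"
}

# Constructed sample input: the all-ACCEPT ruleset described in the thread,
# with the kernel switch first at its default (0) and then set to 1.
demo() {
    dir=$(mktemp -d) || return 1
    printf '%s\n' '*filter' ':INPUT ACCEPT [0:0]' ':FORWARD ACCEPT [0:0]' \
        ':OUTPUT ACCEPT [0:0]' 'COMMIT' > "$dir/rules"
    echo 0 > "$dir/ip_forward"
    before=$(diagnose "$dir/ip_forward" "$dir/rules") || true
    echo 1 > "$dir/ip_forward"
    after=$(diagnose "$dir/ip_forward" "$dir/rules") || true
    rm -rf "$dir"
    echo "before=$before after=$after"
}

demo
```

On a live host, save the ruleset with `iptables-save > rules.txt` as root and pass `/proc/sys/net/ipv4/ip_forward` as the first argument to `diagnose`.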
