--- Jeff Vian jvian10@charter.net wrote:
On Thu, 2005-09-01 at 04:53 -0700, Antonio Olivares wrote:
--- Jeff Vian jvian10@charter.net wrote:
On Wed, 2005-08-31 at 17:16 -0700, Antonio Olivares wrote:
--- Jeff Vian jvian10@charter.net wrote:
On Wed, 2005-08-31 at 12:20 -0700, Antonio Olivares wrote:
--- Antonio Olivares wrote:
*nat
:PREROUTING ACCEPT [759:76421]
:POSTROUTING ACCEPT [4:288]
:OUTPUT ACCEPT [394:23805]
-A POSTROUTING -o eth1 -j MASQUERADE
-A POSTROUTING -o eth0 -j MASQUERADE
-A POSTROUTING -o eth1 -j MASQUERADE
-A POSTROUTING -o eth0 -j MASQUERADE
-A POSTROUTING -o eth1 -j MASQUERADE
-A POSTROUTING -o eth1 -j MASQUERADE
COMMIT
# Completed on Wed Aug 31 07:52:24 2005
[root@rio ~]# cat /proc/sys/net/ipv4/ip_forward
1
[root@rio ~]#
Thanks for all your help and suggestions. It will work. It is just a matter of finding where things are stopping.
Best Regards,
Antonio
Attached is a basic script for a firewall/router like you are using.
Simply put it somewhere on the linux box, make it executable, then as root run it.
After running this script, rerun "service iptables save" to save the rules so they load automatically when you reboot.
It should load all the rules you need for a dynamic external address on eth0, a fixed internal address on eth1, and DNS on the external network.
To test that it works, simply retry (from the windows box) the ping commands I gave earlier, and even try a ping to www.yahoo.com. If they all work then you should be all set.
This was generated using fwbuilder which is readily available on the net from www.fwbuilder.org or on sourceforge.
HTH Jeff
Now, I cannot access the local network and the internet from the machine. The eth0 device was assigned an IP according to its MAC address and now it does not work, it says that it is active. When I shut down the machine it gave me some weird message which I do not know how to get since I am sending this email from the other machine which has internet access in my classroom. Is there a way to solve this issue?
TIA
Antonio
--- Antonio Olivares olivares14031@yahoo.com wrote:
I used a floppy to access dmesg and ipconfig -a so you could see the weird messages I get.
TIA
Antonio
[root@rio ~]# ifconfig -a
eth0      Link encap:Ethernet  HWaddr 00:50:2C:A6:19:28
          inet addr:10.154.19.136  Bcast:10.154.19.255  Mask:255.255.255.0
          inet6 addr: fe80::250:2cff:fea6:1928/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:3624 errors:0 dropped:0 overruns:0 frame:0
          TX packets:21 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:395781 (386.5 KiB)  TX bytes:1950 (1.9 KiB)
          Interrupt:11 Base address:0xae00

eth1      Link encap:Ethernet  HWaddr 00:60:97:C5:2A:C3
          inet addr:192.168.100.1  Bcast:192.168.100.255  Mask:255.255.255.0
          inet6 addr: fe80::260:97ff:fec5:2ac3/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:183 errors:0 dropped:0 overruns:0 frame:0
          TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:19980 (19.5 KiB)  TX bytes:858 (858.0 b)
          Interrupt:11 Base address:0xec00

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:51 errors:0 dropped:0 overruns:0 frame:0
          TX packets:51 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:3718 (3.6 KiB)  TX bytes:3718 (3.6 KiB)

sit0      Link encap:IPv6-in-IPv4
          NOARP  MTU:1480  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

[root@rio ~]#
On Thu, 2005-09-01 at 12:15 -0700, Antonio Olivares wrote:
I used a floppy to access dmesg and ipconfig -a so you could see the weird messages I get.
TIA
Antonio
1. That should not be going to the dmesg output! On mine the logging from iptables goes to /var/log/messages. (Although I have not tried a firewall on FC4 yet so I will check that.)
2. The queries to ports 137 and 138 are routine net-bios data from the windows world. The queries are not a problem, the verbose logging is.
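
The triage implied by point 2, as an added example that is not part of the original thread: it separates routine NetBIOS broadcast denials from denied packets that deserve a look. The sample records are constructed, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample records (not copied from the thread) using the
# "RULE <n> -- <ACTION>" log prefix. Records 1 and 2 share one line to mimic
# a flattened paste. In netfilter LOG output the MAC= field starts with the
# destination MAC, so ff:ff:ff:ff:ff:ff first means an Ethernet broadcast.
BCAST = "MAC=ff:ff:ff:ff:ff:ff:00:11:22:33:44:55:08:00"
UCAST = "MAC=00:aa:bb:cc:dd:01:00:11:22:33:44:66:08:00"
SAMPLE_LOG = f"""\
RULE 4 -- DENY IN=eth0 OUT= {BCAST} SRC=10.0.0.76 DST=10.0.0.255 LEN=78 TTL=128 ID=1001 PROTO=UDP SPT=137 DPT=137 LEN=58 RULE 4 -- DENY IN=eth0 OUT= {BCAST} SRC=10.0.0.76 DST=10.0.0.255 LEN=78 TTL=128 ID=1002 PROTO=UDP SPT=137 DPT=137 LEN=58
RULE 4 -- DENY IN=eth0 OUT= {BCAST} SRC=10.0.0.113 DST=10.0.0.255 LEN=202 TTL=128 ID=1003 PROTO=UDP SPT=138 DPT=138 LEN=182
RULE 4 -- DENY IN=eth0 OUT= {BCAST} SRC=10.0.0.113 DST=10.0.0.255 LEN=78 TTL=128 ID=1004 PROTO=UDP SPT=137 DPT=137 LEN=58
RULE 4 -- DENY IN=eth0 OUT= {BCAST} SRC=10.0.0.74 DST=10.0.0.255 LEN=217 TTL=128 ID=1005 PROTO=UDP SPT=138 DPT=138 LEN=197
RULE 2 -- DENY IN=eth1 OUT= {UCAST} SRC=192.168.0.199 DST=192.168.0.1 LEN=96 TTL=128 ID=2001 PROTO=UDP SPT=137 DPT=137 LEN=76
RULE 4 -- DENY IN=eth0 OUT= {UCAST} SRC=10.0.0.50 DST=10.0.0.136 LEN=60 TTL=64 ID=2002 PROTO=TCP SPT=40000 DPT=22 WINDOW=5840 SYN
"""

RECORD_START = re.compile(r"(?=RULE \d+ -- \w+ )")  # zero-width: split before each prefix
PREFIX = re.compile(r"RULE (\d+) -- (\w+) ")
FIELD = re.compile(r"(\w+)=(\S*)")
NETBIOS_PORTS = {"137", "138"}  # name service and datagram service


def parse_records(text):
    """Split on the log prefix so flattened and line-per-record input both work."""
    records = []
    for chunk in RECORD_START.split(text):
        m = PREFIX.match(chunk)
        if not m:
            continue  # preamble or empty piece before the first record
        rec = {"RULE": int(m.group(1)), "ACTION": m.group(2)}
        for key, value in FIELD.findall(chunk[m.end():]):
            rec.setdefault(key, value)  # LEN occurs twice; keep the IP length
        records.append(rec)
    return records


def is_netbios_broadcast(rec):
    """True for UDP 137/138 sent to the Ethernet broadcast address."""
    return (rec.get("PROTO") == "UDP"
            and rec.get("DPT") in NETBIOS_PORTS
            and rec.get("MAC", "").lower().startswith("ff:ff:ff:ff:ff:ff"))


def triage(text):
    """Return (noise counts keyed by rule/interface/port, records to review)."""
    noise, review = Counter(), []
    for rec in parse_records(text):
        if is_netbios_broadcast(rec):
            noise[(rec["RULE"], rec.get("IN"), rec["DPT"])] += 1
        else:
            review.append(rec)
    return noise, review


if __name__ == "__main__":
    noise, review = triage(SAMPLE_LOG)
    for (rule, iface, port), count in sorted(noise.items()):
        print(f"noise: rule {rule} on {iface}, udp/{port} broadcast x{count}")
    for rec in review:
        print(f"review: rule {rec['RULE']} on {rec.get('IN')} "
              f"{rec.get('SRC')} -> {rec.get('DST')} "
              f"{rec.get('PROTO')}/{rec.get('DPT')}")
```
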