Using Fedora as firewall.

david_pettersson at bredband.net david_pettersson at bredband.net
Sun Apr 18 18:10:43 UTC 2004 

Rodolfo J. Paiz wrote:

> At 03:56 4/17/2004, you wrote:
>
>> Now I have two networking cards, one buildin in the motherboard (eth0) and one in a PCI slot (eth1). When I tried to do the same to give my WinXP box access to the internet I couldn't get it right. When I connect to internet using eth0 everything is fine. When I start eth1 to the WinXP box it works, but then I have no contact with the internet thru eth0.
>> To get contact with the internet again I have to stop eth1 and restart eth0. Does anyone have a clue?
>
>
> First you need to solve your networking problems, so that you can have both network interfaces up and running and so that the Fedora box (which will be the firewall and gateway) can access both the Internet via eth0 and the internal network (your XP box) via eth1.
>
> Then my best suggestion is to go to http://www.shorewall.net and read the "two-interface quick guide" there. Download the software and it will show you how to set up the configuration files (simple text files) to get the result you want. Shorewall will configure everything: gateway service, routing, masquerading, firewall rules, and allowing some ports access from the Internet to your firewall or to an internal machine if you so desire.
>
> I am also working on a more complete document for what you want, called the "Small Netserver HOWTO". It will show you how to set up DHCP, DNS, and NTP for your home network on that Fedora box, which will make your life much easier from then on. It is unfortunately not complete yet, but hopefully what I have so far will help give you a little guidance and I'll finish it soon. You can reach it from here:
>
> http://www.simpaticus.com/linux
>
> Note: this document assumes you have set up your networking properly (which you haven't so far) so it is *NOT* useful to solve your actual problems. It will, hopefully, be useful to you *after* you get past this small networking problem. Hope it helps somewhat.
>
> Now, to solve your present problem:
>
>> The internet company used DNS to assign network adresses and the WinXP has adress 172.16.0.2
>
>
> Can we get the following:
>
>         * Contents of /etc/sysconfig/network-scripts/ifcfg-eth0 and ifcfg-eth1
>
>         * Contents of /etc/sysconfig /network
>
>         * Contents of /etc/resolv.conf
>
>         * Output of "/sbin/route -n"
>
> This will help us figure out the problem.
>
>
The problem was the default route in eth1 as pointed out in an other answer. I will have a look at the webpages you recommended, they look useful. Thanks to everyone for the many answers.

.David

More information about the users mailing list