[UCLA-LUG] linux ipchains

Todd A. Lyons cannonball@usinter.net
Fri, 04 Feb 2000 19:48:19 -0800 

mike chan wrote:

> >   Hi Mike Chan    I am ruud and i am trying to get my pws (personal  web
> >server) to work in a small network with a linux box as a connection to  the
> >internet. On all of my computers I can surf the internet. But  I can't seem
> >to connect  from the internet to my pws. I think the settings of the
> >ipchains are not  correct. I try to look on the Internet for a solusion but
> >i  could not find one.   My pws ip number is 173.100.100.26 this is in the
> >lan and my Linux ip number is 173.100.100.1 and  xx.xx.xx.xx (dhcp) from my
> >provider   I downloaded the GFCC program to make thinks easy  but it still
> >dosn't work.   So what I whant to do is connect from a computer on  the
> >internet to my pws at home in my lan   Can you give me a hint on how to set
> >the  INPUT/FORWARD/OUTPUT chains ?     Thanks   Ruud.

Tell him to download the following:
http://209.85.130.137/linux/downloads/masq_myfirewall
It's the script that I use on my firewall.  The original archive can be
obtained at:
http://209.85.130.137/linux/downloads/ipchains-firewall-current.tar.gz

He can chose the one that I use or the original archive.  Give one of
those a try and see how things work out.  He'll have to modify the
internal net.  Mine is set to 192.168.1.0/24.  It lookes like his will
be 173.100.100.0/24.  (Is that a proper RFC private network???  I
thought it was 172.128.*.* to 172.255.*.*)  And he has to verify that
the external net ethernet device is assigned properly.  In the script
it's called LOCALIF and defaults to eth1.  If he has masquerading
enabled in the kernel, it should run with very little modifications to
the script and no modifications to his box.  As long as DHCP has already
obtained the IP address, this script will extract it from the ifconfig
output.

If these addresses are supposed to be external addresses instead of
masqueraded, then this script will not do what he wants and we need more
information.
-- 
Blue skies...			Cannonball
*    One ring to rule them all, One ring to find them       * 
* One ring to bring them all, and in the darkness bind them *
				Sauron