Fedora, Dual Nics with active firewall

[nashsupport]

Hello All:

I am configuring a network within my network ( with firewall on eth0) and here is the configuration that I would like. I have been searching for the IP configuration but have been unable to find it along with the correct iptables command.

2 Nic's ( one for internal network eth1 and eth0 for 1st network connectivity to internet)
Internal ( 1st) Network Gateway 192.168.0.1, DHCP lease on eth0 is 192.168.0.68 255.255.255.0, eth1 unsure of what IP address should be assigned, I used 192.168.1.2 255.255.255.0. dhcpd.conf for internal dhcp server configured with range 192.168.1.100 192.168.1.140

I can get out to internet from local server but when I attach workstation from internal network from dhcp server I cannot browse internet or get out.

I am sure that I have a routing, maybe iptables messed up but have not had any luck finding the info.

anyhelp would be appreciated.

 

[thedaver]

did you
"echo 1 > /proc/sys/net/ipv4/ip_forward" ?

http://www.surfinbox.com/loans/

 

[sleipnir214]

Or to make the change survive a reboot, edit /etc/sysctl.conf. There is a line which reads:

net.ipv4.ip_forward = 0

change it to read:

net.ipv4.ip_forward = 1




Want the best answers? Ask the best questions!

TANSTAAFL!!

 

[lgarner]

And, did you either enable NAT?

$IPTABLES -t nat -A POSTROUTING -o $PUB_IF -j MASQUERADE

Or, does your internet router have a route to your 192.168.1.0 network via the firewall?

 

[ericbrunson]

Save yourself a lot of headaches and go get yourself fwbuilder from sourceforge. I've got almost 20 years experience with networking and firewalls, but it's still wonderful to have something that you can drag and drop objects onto rules and have it build the NAT and filter tables.

There are other good products, too. Bastille-Linux, Jay's Firewall.

 

[nashsupport]

all great answers, seems everything is working now.

thanks a bunch