Linux firewall Ipchain...RH7.2

[Trekkie]

Hi,

I'm trying to setup Linux firewall using Ipchain on RH7.2 on the computer with two nic's. One network card is connected (dhcp) to Internet and other one is on the LAN (static).

From the Linux box, I can ping both Internet and LAN. From LAN PC, I can ping the Linux box; however, I cannot ping outside the firewall from the LAN PC.

I have allowed forwarding by "echo 1 > /proc/sys/net/ipv4/ip_forward" in the rc.local /etc/rc.d

LAN connect NIC (eth1):

Here is ifcfg-eth1 on /etc/sysconfig/networking-scripts directory

DEVICE=eth1
IPADDR=192.168.1.254
NETMASK=255.255.255.0
NETWORK=192.168.1.0
BROADCAST=192.168.1.255
GATEWAY=192.168.1.254
ONBOOT=yes

resolv.conf on /etc/sysconfig/networking/profiles/default

nameserver 24.69.1.195
nameserver 24.69.1.212

On the LAN PC

IP: 192.168.1.1
subnet: 255.255.255.0
gateway: 192.168.1.254

DNS: 24.69.1.195
DNS: 24.69.1.212

I appreciate any help

Thanks
Trekkie

 

[RhythmAce]

Since you are using ipchains, I'm guessing you don't have a firmdware router. You will have to set up the machine with direct access to the internet as a proxy server.

 

[Trekkie]

How do I go 'bout doing that? Do I need Squid in order to make a proxy server?

Thx,
Trekkie

 

[Guest_imported]

You will want to have an internal network on one NIC and the other NIC will be attached to the Internet. Then, you set up a script for IP Masquerading (and firewall, etc.) using iptables. There is a very good HOWTO on Masquerading at

http://www.e-infomax.com/ipmasq/

Five

 

[danandita]

...and make sure you use 2.2.x kernel if you want to use ipchains.


regards,

Darmawan W. Anandita
---
ISP Network/System Administrator
M-Web Indonesia

http://people.mweb.co.id/~anand

-----
Darmawan W. Anandita
Network/System Administrator
M-Web Indonesia