Hi,
I have a Linux machine used as a router, running Mandrake 8.
I am using iptables to firewall/route.
My problem is that I don't have access to the Internet on the Linux machine, and my client computers (under Windows 2000 Pro) can only ping the Internet.... I have made the script that follows to configure my firewall/router:
echo "mise en place du Forwarding"
echo "1" > /proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/ipv4/ip_dynaddr
#echo "eth1 is on the internal network"
dev_intra="eth1"
#echo "eth0 is on the ADSL modem"
dev_inter="eth0"
echo "nettoyage des tables d iptables"
iptables -F
iptables -X
echo "initialisation, nous refusons TOUTES les entrees/sorties"
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD ACCEPT
echo "Accepte les pings de n'importe où..."
iptables -A INPUT -d 0.0.0.0/0 -p ICMP -j ACCEPT
iptables -A OUTPUT -s 0.0.0.0/0 -p ICMP -j ACCEPT
echo "Entrees/sorties de la machine locale vers elle meme AUTORISEES"
iptables -A OUTPUT -s 127.0.0.0/8 -o lo -j ACCEPT
iptables -A INPUT -d 127.0.0.0/8 -i lo -j ACCEPT
# Activate Forwarding
iptables -A FORWARD -j ACCEPT -i eth1 -o ppp0 -s 192.168.0.0/24
iptables -A FORWARD -j ACCEPT -o eth1 -i ppp0 -s 0.0.0.0/0
# and masquerade IntraNet to Internet with Firewall Internet IP.
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
echo "Routage avec Masquarade lancé"
#iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o ppp0 -j MASQUERADE
I would like my client and host computers to access HTTP, FTP, mail services and RealAudio ... while being a little secure.
I'm pretty lost for now; I hope you can help me....
Thank you very much.
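
An added example, not part of the original post: a stateful variant of the script above that reuses the post's interfaces (eth1, ppp0) and LAN range, lets the router open its own connections, and limits traffic arriving on ppp0 to replies. The policy choices and the helper names `rule`, `build_rules` and `lint_wan_accept` are assumptions made for this example.

```sh
#!/bin/sh
# Added example, not the poster's script. Interface names and the LAN range
# come from the post; the stateful policy is an assumption about what
# "a little secured" should mean here.
LAN_IF="eth1"; WAN_IF="ppp0"; LAN_NET="192.168.0.0/24"

rule() { echo "iptables $*"; }

# Emit the ruleset as text, one command per line, so it can be reviewed
# before it is loaded.
build_rules() {
    rule -F; rule -X; rule -t nat -F
    rule -P INPUT DROP; rule -P OUTPUT DROP; rule -P FORWARD DROP
    # Loopback traffic on the router itself.
    rule -A INPUT -i lo -j ACCEPT
    rule -A OUTPUT -o lo -j ACCEPT
    # The router may open connections; only replies are let back in.
    rule -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
    rule -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    # LAN hosts may ping the router.
    rule -A INPUT -i "$LAN_IF" -s "$LAN_NET" -p icmp --icmp-type echo-request -j ACCEPT
    # LAN clients may open connections towards the Internet ...
    rule -A FORWARD -i "$LAN_IF" -o "$WAN_IF" -s "$LAN_NET" -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
    # ... and only packets belonging to those connections come back.
    rule -A FORWARD -i "$WAN_IF" -o "$LAN_IF" -m state --state ESTABLISHED,RELATED -j ACCEPT
    rule -t nat -A POSTROUTING -o "$WAN_IF" -s "$LAN_NET" -j MASQUERADE
}

# Read rules on stdin; succeed only if no rule accepts packets arriving on
# the WAN interface without limiting them to ESTABLISHED,RELATED.
lint_wan_accept() {
    ! grep -e "-i $WAN_IF" | grep -e "-j ACCEPT" |
        grep -v -e "--state ESTABLISHED,RELATED" >/dev/null
}

case "${1:-}" in
    apply) build_rules | sh ;;   # loads the rules; needs root
    *)     build_rules ;;        # default: print only, change nothing
esac
```

Run without arguments, the script only prints the commands; `apply` loads them and needs root. FTP data connections match RELATED only when the kernel's FTP connection-tracking helper is loaded.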