Hello,
I am using redhat linux 6.2/6.1 and having some major
trouble getting ip forwarding functioning for ipchains.
This is for a firewall. I want to route directly initially
before trying masquarading.
I have enabled in /etc/sysctl.conf ip forwarding or in
/etc/sysconfig/network
(Appreciate this list is not really for this type of problem
but couldn't get anywhere on ip chains mailing list)
Following script is used
ipchains -F
ipchains -A input -i lo -j ACCEPT
ipchains -A output -i lo -j ACCEPT
ipchains -A input -i eth0 -s first_host_ip -j ACCEPT
ipchains -A output -i eth0 -d first_host_ip -j ACCEPT
ipchains -A input -i eth1 -s second_host_ip -j ACCEPT
ipchains -A output -i eth1 -s second_host_ip -j ACCEPT
ipchains -A forward -i eth1 -s first_host_ip -d second_host_ip -j ACCEPT
ipchains -A forward -i eth0 -s second_host_ip -d first_host_ip -j ACCEPT
This general script should forward traffic between NIC1 and NIC2
so I believe. I can block specific traffic/protocols/ip's etc on each NIC
and have added things like "-p all" and removed default deny policy
etc to lines but can't forward.
I think it's a routing problem.
Does the IP forwarding/routing in kernel 2.2.14 require IP masquarade
used through ipchains to function?
Or should it route non-masq'd with no trouble?
Help appreciatted
Kevin
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Fri Jul 28 2000 - 02:41:16 EDT