Firewall Setup

[Nelson Garcia]

Not sure if I follow you but, just in case, here are my thoughts:
It could be that your eth1 is the external interface and eth0 your internal
one.
Remember that if you swap stuff around, you might want to restart your
network on the firewall to bring up your external interface.  You could do
it the Microsoft way (reboot) or  "./etc/rc.d/network restart" (that's
Mandrake, what you have could be different).

If you don't have a static IP address, all your firewall needs is a dhcp
client. You don't need to run a dhcp server for your setup to work.

This sounds like a plumbing problem.  You might want to ping all your
internal interfaces and then try some external ones by name and ip, that way
you can tell us and we can get a better idea of what's going on in your
network.

Aloha and good luck,
Nelson

> -----Original Message-----
> From: Jason Smallwood [mailto:devil505 at hawaii.rr.com]
> Sent: Friday, September 21, 2001 8:00 PM
> To: Linux & Unix Advocates & Users
> Subject: [luau] Re: Firewall Setup
>
>
> Ok, I think I have it working now.  I removed the ipchains.  ran the rmmod
> on the ipchains, the ran the rc.firewall-xxxxxx script.  No errors, seems
> like it loaded ok.  Now when I tried to do the DHCP setup as described on
> Wiki, my other system is not detecing a connection.  Now maybe I have
> something wrong between my firewall-hub-client, Road Runner connected to
> firewall at eth0, firewall (eth1) connect to hub at backbone (note: no
> detect light on the card).  Changed connection from Firewall (eth1) to hub
> (1st port available), skipped port connection, then connected client to
> port 3.  Detectlight on card and on hub for both systems.
> However still no
> connection.  My setup up on my M$ system is:
> WINS Disabled
> IP address 192.168.0.3
> Sub net mask 255.255.255.0
>
> Gateway 192.168.0.1
>
> DNS Setting
>
> Hostname		Domain
> swoodclient		(left blank not sure if sposed to be filled in)
>
> 24.25.227.34
> 24.25.227.36
>
> Domain suffix
>
> hawaii.rr.com
> rr.com
>
> I am not sure if all of that should be there or not.
>
> Now maybe it is fowling up with DHCP enabled on the firewall, butI have
> tried both ways and no luck.
>
> THanks,
>
> Jason
>
>
>
>
> On 2001.09.22 20:28 Warren Togami wrote:
> > Your ipchains kernel module is probably still loaded.  ipchains and
> > iptables
> > cannot co-exist.
> >
> > Try this
> > rmmod
> > modprobe ip_tables
> > Then run the rc.firewall-xxxxxx script.
> >
> > Make sure you disable automatic start of the "ipchains"
> service.  Go into
> > "setup" and uncheck ipchains and firewall.  Check activate "iptables"
> > even
> > though Red Hat's rules are empty, because that should automatically load
> > the
> > ip_tables kernel module at boot-time before it runs your
> rc.firewall-xxxx
> > script at the bottom of your rc.local script.
> >
> > ----- Original Message -----
> > From: <devil505 at hawaii.rr.com>
> > To: "Linux & Unix Advocates & Users" <luau at list.luau.hi.net>
> > Sent: Friday, September 21, 2001 11:37 PM
> > Subject: [luau] Firewall Setup
> >
> > >
> > > es.o: init_module: Device or resource busy
> > > Hint: insmod errors can be caused by incorrect module parameters,
> > including
> > > inva
> > > lid IO or IRQ parameters
> > > /lib/modules/2.4.2-2/kernel/net/ipv4/netfilter/ip_tables.o: insmod
> > /lib/modules/
> > >
> > > 2.4.2-2/kernel/net/ipv4/netfilter/ip_tables.o failed
> > > /lib/modules/2.4.2-2/kernel/net/ipv4/netfilter/ip_tables.o: insmod
> > ip_tables
> > > fai
> > > led
> > > iptables v1.2.1a: can't initialize iptables table `filter': iptables
> > who?
> > (do
> > > yo
> > > u need to insmod?)
> >
> >
> >
> > ---
> > You are currently subscribed to luau as: devil505 at hawaii.rr.com
> > To unsubscribe send a blank email to $subst('Email.Unsub')
> >
>
> ---
> You are currently subscribed to luau as: garcian002 at hawaii.rr.com
> To unsubscribe send a blank email to $subst('Email.Unsub')