Firewall Setup

Jason Smallwood devil505 at hawaii.rr.com
Sat Sep 22 00:14:10 PDT 2001


Nelson,
Ok I did what you said, restarting the network.  I know eth0 is the
external connection.  I have checked and double checked my config.  I can
ping the client system.  I went to my client system and was able to ping
the firewall.  The reason I have DHCP running on the firewall is for quick
assignment of other network clients as I bring them online.  I did a
winipcfg, and was able to release and renew the IP address lease with no
problems; however, I am still not able to get out to the web via the
client.  I am working off the firewall right now, but don't really want to do
that for a lot of things.

Thanks,
Jason


On 2001.09.23 12:25 Nelson Garcia wrote:
> Not sure if I follow you but, just in case, here are my thoughts:
> It could be that your eth1 is the external interface and eth0 your internal
> one.
> Remember that if you swap stuff around, you might want to restart your
> network on the firewall to bring up your external interface.  You could do
> it the Microsoft way (reboot) or  "./etc/rc.d/network restart" (that's
> Mandrake, what you have could be different).
>
> If you don't have a static IP address, all your firewall needs is a dhcp
> client. You don't need to run a dhcp server for your setup to work.
>
> This sounds like a plumbing problem.  You might want to ping all your
> internal interfaces and then try some external ones by name and ip, that way
> you can tell us and we can get a better idea of what's going on in your
> network.
> 
> Aloha and good luck,
> Nelson
> 
> > -----Original Message-----
> > From: Jason Smallwood [mailto:devil505 at hawaii.rr.com]
> > Sent: Friday, September 21, 2001 8:00 PM
> > To: Linux & Unix Advocates & Users
> > Subject: [luau] Re: Firewall Setup
> >
> >
> > Ok, I think I have it working now.  I removed the ipchains.  Ran the rmmod
> > on the ipchains, then ran the rc.firewall-xxxxxx script.  No errors, seems
> > like it loaded ok.  Now when I tried to do the DHCP setup as described on
> > Wiki, my other system is not detecting a connection.  Now maybe I have
> > something wrong between my firewall-hub-client, Road Runner connected to
> > firewall at eth0, firewall (eth1) connect to hub at backbone (note: no
> > detect light on the card).  Changed connection from Firewall (eth1) to hub
> > (1st port available), skipped port connection, then connected client to
> > port 3.  Detect light on card and on hub for both systems.
> > However still no connection.  My setup on my M$ system is:
> > WINS Disabled
> > IP address 192.168.0.3
> > Sub net mask 255.255.255.0
> >
> > Gateway 192.168.0.1
> >
> > DNS Setting
> >
> > Hostname		Domain
> > swoodclient		(left blank not sure if supposed to be filled in)
> >
> > 24.25.227.34
> > 24.25.227.36
> >
> > Domain suffix
> >
> > hawaii.rr.com
> > rr.com
> >
> > I am not sure if all of that should be there or not.
> >
> > Now maybe it is fouling up with DHCP enabled on the firewall, but I have
> > tried both ways and no luck.
> >
> > Thanks,
> >
> > Jason
> >
> >
> >
> >
> > On 2001.09.22 20:28 Warren Togami wrote:
> > > Your ipchains kernel module is probably still loaded.  ipchains and
> > > iptables cannot co-exist.
> > >
> > > Try this
> > > rmmod ipchains
> > > modprobe ip_tables
> > > Then run the rc.firewall-xxxxxx script.
> > >
> > > Make sure you disable automatic start of the "ipchains" service.  Go into
> > > "setup" and uncheck ipchains and firewall.  Check activate "iptables" even
> > > though Red Hat's rules are empty, because that should automatically load
> > > the ip_tables kernel module at boot-time before it runs your
> > > rc.firewall-xxxx script at the bottom of your rc.local script.
> > >
> > > ----- Original Message -----
> > > From: <devil505 at hawaii.rr.com>
> > > To: "Linux & Unix Advocates & Users" <luau at list.luau.hi.net>
> > > Sent: Friday, September 21, 2001 11:37 PM
> > > Subject: [luau] Firewall Setup
> > >
> > > >
> > > > es.o: init_module: Device or resource busy
> > > > Hint: insmod errors can be caused by incorrect module parameters, including invalid IO or IRQ parameters
> > > > /lib/modules/2.4.2-2/kernel/net/ipv4/netfilter/ip_tables.o: insmod /lib/modules/2.4.2-2/kernel/net/ipv4/netfilter/ip_tables.o failed
> > > > /lib/modules/2.4.2-2/kernel/net/ipv4/netfilter/ip_tables.o: insmod ip_tables failed
> > > > iptables v1.2.1a: can't initialize iptables table `filter': iptables who? (do you need to insmod?)
> > >
> > >
> > >
> > > ---
> > > You are currently subscribed to luau as: devil505 at hawaii.rr.com
> > > To unsubscribe send a blank email to $subst('Email.Unsub')
> > >
> >
> 
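
The plumbing checks discussed in this thread, as an added example (not part of the original messages or of the rc.firewall script): a shell function that triages a NAT gateway from captured command output. The function name, finding labels and all sample captures are constructed; eth0 as the external interface follows the thread, and the IP-forwarding and source-NAT checks go beyond what the thread covers.

```shell
#!/bin/sh
# Added example: triage a Linux NAT gateway from captured command output.
# diagnose() and every sample capture below are constructed for illustration.

# Constructed `lsmod` capture: ipchains still loaded, ip_tables absent.
LSMOD_BAD='Module                  Size  Used by
ipchains               38976   0
8139too                16480   2'

# Constructed capture after `rmmod ipchains` and `modprobe ip_tables`.
LSMOD_GOOD='Module                  Size  Used by
iptable_nat            19960   1
ip_tables              12672   4 [iptable_nat]
8139too                16480   2'

# Constructed `iptables-save -t nat` rule lines (eth0 = external, as in the thread).
NAT_GOOD='-A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE'
NAT_EMPTY=''

# diagnose LSMOD IP_FORWARD NAT_RULES EXT_IF
# Prints the findings on one line, or "ok" when nothing is wrong.
diagnose() {
    lsmod_out=$1; fwd=$2; nat=$3; ext=$4; findings=""
    # ipchains and ip_tables cannot be loaded at the same time.
    if printf '%s\n' "$lsmod_out" | grep -q '^ipchains[[:space:]]'; then
        findings="$findings ipchains-loaded"
    fi
    if ! printf '%s\n' "$lsmod_out" | grep -q '^ip_tables[[:space:]]'; then
        findings="$findings ip_tables-missing"
    fi
    # With forwarding off the kernel does not route LAN packets outward.
    [ "$fwd" = "1" ] || findings="$findings forwarding-off"
    # Private 192.168.0.x sources need source NAT on the external interface.
    if ! printf '%s\n' "$nat" |
        grep -Eq -- "^-A POSTROUTING .*-o $ext .*-j (MASQUERADE|SNAT)"; then
        findings="$findings no-nat-on-$ext"
    fi
    if [ -n "$findings" ]; then echo "${findings# }"; else echo ok; fi
}

# Live use on the gateway (as root):
#   diagnose "$(lsmod)" "$(cat /proc/sys/net/ipv4/ip_forward)" \
#            "$(iptables-save -t nat)" eth0
echo "before: $(diagnose "$LSMOD_BAD" 0 "$NAT_EMPTY" eth0)"
echo "after:  $(diagnose "$LSMOD_GOOD" 1 "$NAT_GOOD" eth0)"
echo "swapped interfaces: $(diagnose "$LSMOD_GOOD" 1 "$NAT_GOOD" eth1)"
```

The third call shows the eth0/eth1 mix-up raised in the reply: a NAT rule bound to the wrong interface is reported the same way as a missing one.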


