Firewall Setup
Jason Smallwood
devil505 at hawaii.rr.com
Sat Sep 22 00:14:10 PDT 2001
Nelson,
Ok I did what you said, restarting the network. I know eth0 is the
external connection. I have checked and double checked my config. I can
ping the client system. I went to my client system and was able to ping
the firewall. The reason I have DHCP running on the firewall is for quick
assignement of other network clients as I bring them online. I did a
winipcfg, and was able to release and renew the IP address lease with no
problems; however, I am still not able to get out to the web via the
client. I am working off the firewall right now, but don't really want do
that for a lot of things.
Thanks,
Jason
On 2001.09.23 12:25 Nelson Garcia wrote:
> Not sure if I follow you but, just in case, here are my thoughts:
> It could be that your eth1 is the external interface and eth0 your
> internal
> one.
> Remember that if you swap stuff around, you might want to restart your
> network on the firewall to bring up your external interface. You could
> do
> it the Microsoft way (reboot) or "./etc/rc.d/network restart" (that's
> Mandrake, what you have could be different).
>
> If you don't have a static IP address, all your firewall needs is a dhcp
> client. You don't need to run a dhcp server for your setup to work.
>
> This sounds like a plumbing problem. You might want to ping all your
> internal interfaces and then try some external ones by name and ip, that
> way
> you can tell us and we can get a better idea of what's going on in your
> network.
>
> Aloha and good luck,
> Nelson
>
> > -----Original Message-----
> > From: Jason Smallwood [mailto:devil505 at hawaii.rr.com]
> > Sent: Friday, September 21, 2001 8:00 PM
> > To: Linux & Unix Advocates & Users
> > Subject: [luau] Re: Firewall Setup
> >
> >
> > Ok, I think I have it working now. I removed the ipchains. ran the
> rmmod
> > on the ipchains, the ran the rc.firewall-xxxxxx script. No errors,
> seems
> > like it loaded ok. Now when I tried to do the DHCP setup as described
> on
> > Wiki, my other system is not detecing a connection. Now maybe I have
> > something wrong between my firewall-hub-client, Road Runner connected
> to
> > firewall at eth0, firewall (eth1) connect to hub at backbone (note: no
> > detect light on the card). Changed connection from Firewall (eth1) to
> hub
> > (1st port available), skipped port connection, then connected client to
> > port 3. Detectlight on card and on hub for both systems.
> > However still no
> > connection. My setup up on my M$ system is:
> > WINS Disabled
> > IP address 192.168.0.3
> > Sub net mask 255.255.255.0
> >
> > Gateway 192.168.0.1
> >
> > DNS Setting
> >
> > Hostname Domain
> > swoodclient (left blank not sure if sposed to be filled
> in)
> >
> > 24.25.227.34
> > 24.25.227.36
> >
> > Domain suffix
> >
> > hawaii.rr.com
> > rr.com
> >
> > I am not sure if all of that should be there or not.
> >
> > Now maybe it is fowling up with DHCP enabled on the firewall, butI have
> > tried both ways and no luck.
> >
> > THanks,
> >
> > Jason
> >
> >
> >
> >
> > On 2001.09.22 20:28 Warren Togami wrote:
> > > Your ipchains kernel module is probably still loaded. ipchains and
> > > iptables
> > > cannot co-exist.
> > >
> > > Try this
> > > rmmod
> > > modprobe ip_tables
> > > Then run the rc.firewall-xxxxxx script.
> > >
> > > Make sure you disable automatic start of the "ipchains"
> > service. Go into
> > > "setup" and uncheck ipchains and firewall. Check activate "iptables"
> > > even
> > > though Red Hat's rules are empty, because that should automatically
> load
> > > the
> > > ip_tables kernel module at boot-time before it runs your
> > rc.firewall-xxxx
> > > script at the bottom of your rc.local script.
> > >
> > > ----- Original Message -----
> > > From: <devil505 at hawaii.rr.com>
> > > To: "Linux & Unix Advocates & Users" <luau at list.luau.hi.net>
> > > Sent: Friday, September 21, 2001 11:37 PM
> > > Subject: [luau] Firewall Setup
> > >
> > > >
> > > > es.o: init_module: Device or resource busy
> > > > Hint: insmod errors can be caused by incorrect module parameters,
> > > including
> > > > inva
> > > > lid IO or IRQ parameters
> > > > /lib/modules/2.4.2-2/kernel/net/ipv4/netfilter/ip_tables.o: insmod
> > > /lib/modules/
> > > >
> > > > 2.4.2-2/kernel/net/ipv4/netfilter/ip_tables.o failed
> > > > /lib/modules/2.4.2-2/kernel/net/ipv4/netfilter/ip_tables.o: insmod
> > > ip_tables
> > > > fai
> > > > led
> > > > iptables v1.2.1a: can't initialize iptables table `filter':
> iptables
> > > who?
> > > (do
> > > > yo
> > > > u need to insmod?)
> > >
> > >
> > >
> > > ---
> > > You are currently subscribed to luau as: devil505 at hawaii.rr.com
> > > To unsubscribe send a blank email to $subst('Email.Unsub')
> > >
> >
> > ---
> > You are currently subscribed to luau as: garcian002 at hawaii.rr.com
> > To unsubscribe send a blank email to $subst('Email.Unsub')
>
>
> ---
> You are currently subscribed to luau as: devil505 at hawaii.rr.com
> To unsubscribe send a blank email to $subst('Email.Unsub')
>
More information about the LUAU
mailing list