local routing

R. Scott Belford sctinc at mac.com
Tue Jan 15 19:00:53 PST 2002 

I should be explicit that the discovery and use of your script has been a
joy beyond expectation.  I thought that it was easy using a gui tool before,
but the insertion of my variables into your script was it.  It took a little
struggle (for me), but running a "real" iptables firewall is reassuring.
Nice job.  :-).  If I have problems/questions or even a suggestion (not
likely), I'll seek you in IRC.

Thanks for the script
scott

-----Original Message-----
From: MonMotha [mailto:monmotha at indy.rr.com]
Sent: Tuesday, January 15, 2002 4:21 PM
To: Linux & Unix Advocates & Users
Subject: [luau] Re: local routing

Ooh Ooh!  Someone said iptables and my script. :)  If you have any
questions, feel free to post them to this list or you may email me
directly at monmotha at indy.rr.com.  I welcome comments, suggestions,
complaints, etc. on my firewall and will do generic iptables stuff too
(but only if you ask nicely :).  You can also find me on IRC.  I'm
usually on EFNet and OpenProjectsNet as "MonMotha."

--MonMotha

R Scott Belford wrote:

> No, Scott, it is not as easy as a simple command line.  This could route
> traffic to your lan, but it would be irresponsible to do so without some
> kind of a firewall.  What you need is iptables.  This offers NAT and
> many other features above what ipchains does.  The thing is, if you
> install ipchains and iptables on your redhat 7.x system, you will have
> trouble insmodding the iptables.  To get around this in your gui world,
> run setup as root and configure the firewall, (can be accessed by
> running lokkit also) and set the firewall to none.  A future reboot with
> an iptables enabling script will not have the same trouble you had when
> the kernel was loading  ipchains.  Using monmotha's firewall/routing
> script will teach you some good things and make your life much easier
> and safer than any gui can.  In the future RTFM a whole lot more.  The
> linuxdoc project has a great article about ip-masquerading as well as
> some firewalling  scripts.
>
> Well, it took me a whole lot of time of fiddling around to get to this
> point, but sense I asked such a broad and potentially loaded question I
> figured I should reply to myself.  I see why I have been told to use
> iptables for quite a long time now.  I see why there have been the posts
> praising monmotha's script.  Very smooth.  I downloaded ximian's
> control-center in search of its routing  gui only to find it missing.  I
> was just about to turn port forwarding/firewalling duties over to my
> Airport (running some flavor of bsd) when I finally cracked this nut.
> If any of you run into this same issue, I might be able to help.
>
> scott
>
>
>
> On Monday, January 14, 2002, at 05:29  PM, R. Scott Belford wrote:
>
>> I am trying to route my wan to my lan within redhat 7.x  In the past I
>> have
>> used Ximian's internet sharing gui.  However, I am now more man than
>> that.
>> No, actually I'm not, but I am trying to do it in a more challenging way.
>>
>> Using linuxconf, it seems that I want to "set routes to alternate
>> local nets"
>> under the "routing and gateway option."  Here, I have the chance to
>> add what
>> interface, ip/subnet I want to route the traffic to.  It took a while
>> to get
>> the system and my lan devices to accept my ip/subnet combination.  Once I
>> did, though, I don't have any traffic flow.
>>
>> I have of course set the gateway of my lan devices to the ip of the
>> nic I am
>> routing the traffic to.  They are using the same subnet, and the lan
>> devices
>> have ip addresses sequentially higher than the gateway.  The dns
>> settings are
>> correct.
>>
>> Am I way off in my choice of linuxconf modules to use?  Any
>> suggestions for
>> ip addresses to use locally?  My 10.0.1.1/255.255.255.0 or
>> 10.0.1.0/255.255.0.0 are not being accepted.  I tried some of the
>> 192.168.0.1
>> combinations to no avail.  I understand what needs to be done, but the
>> computer doesn't take my voice commands.  I know there is some simple
>> (for
>> some of you) command line instruction that I can enter which routes the
>> traffic.  I seek this wisdom; can you help?
>>
>> scott
>>
>> ---
>> You are currently subscribed to luau as: sctinc at mac.com
>> To unsubscribe send a blank email to $subst('Email.Unsub')
>
>
>
> ---
> You are currently subscribed to luau as: monmotha at indy.rr.com
> To unsubscribe send a blank email to $subst('Email.Unsub')
>



---
You are currently subscribed to luau as: sctinc at mac.com
To unsubscribe send a blank email to $subst('Email.Unsub')

More information about the LUAU mailing list