[luau] more firewall script questions

Thomas David Burns tburns at hawaii.edu
Mon Nov 18 14:10:01 PST 2002


----- Original Message -----
From: Dean Fujioka <surfdean at hawaii.rr.com>
Date: Thursday, November 14, 2002 2:25 pm
Subject: Re: [luau] more firewall script questions

> 
> 
> Thomas David Burns wrote:
> 
> >I am following Warren's walkthrough of MonMotha's script.
> >
> >Actually, I am doing some testing. Before I run the script, 
> should the 
> >firewall be able to act as a router/bridge?
> >
> Before you run the script, there is no firewall.

Okay. So will the machine be able to act as a router/bridge or not? 
netfilter/iptables is installed and the default is to accept all, I 
think. But my LAN can't see the internet.

> 
> >Warren says to use 192.168.0.1 for the local address of the 
> firewall, I 
> >used 192.168.1.1. Could this be causing me a problem? 
> >
> What kind of problem? 

Lan can't see WAN, though script runs with no errors.

>As long as you have your internal NIC's IP 
> as 
> 192.168.1.1 and the appropriate lines in MonMotha's script set, 
> you 
> should be ok AFTER running the script.
> 
> >Does it make any 
> >difference, assuming all the clients are configured to use that 
> address 
> >as a gateway?
> >  
> >
> Yes it does make a difference, It's like going to someone else's 
> house 
> (address).

Well, obviously, but I just said all the clients are set to look there. 
That's why I switched, all the clients were already using 192.168.1.1, 
I didn't want to have to reconfigure them. 

The question in my mind is more, is there some special meaning to 
192.168.0 different from 192.168.1. Both are local test addresses, so 
far as I know, and there shouldn't be a problem. But I certainly have 
some kind of problem. I tested all the hardware, it looks good to me, 
but when I run the script, it generates no errors, but no traffic gets 
past the firewall that I can see. It is as if ip forwarding was not 
happening. eth0 and eth1 are working, but do not talk to each other. 

Things are just as bad before I run the script, but I am not sure 
whether ip forwarding gets turned on by the script or some other way. 
If the script turns on ip forwarding, then it makes sense that nothing 
would happen before the script gets executed.

Dumbfounded Dave




More information about the LUAU mailing list