[luau] more firewall script questions
Thomas David Burns
tburns at hawaii.edu
Mon Nov 18 14:10:01 PST 2002
----- Original Message -----
From: Dean Fujioka <surfdean at hawaii.rr.com>
Date: Thursday, November 14, 2002 2:25 pm
Subject: Re: [luau] more firewall script questions
>
>
> Thomas David Burns wrote:
>
> >I am following Warren's walkthrough of MonMotha's script.
> >
> >Actually, I am doing some testing. Before I run the script,
> should the
> >firewall be able to act as a router/bridge?
> >
> Before you run the script, there is no firewall.
Okay. So will the machine be able to act as a router/bridge or not?
netfilter/iptables is installed and the default is to accept all, I
think. But my LAN can't see the internet.
>
> >Warren says to use 192.168.0.1 for the local address of the
> firewall, I
> >used 192.168.1.1. Could this be causing me a problem?
> >
> What kind of problem?
Lan can't see WAN, though script runs with no errors.
>As long as you have your internal NIC's IP
> as
> 192.168.1.1 and the appropriate lines in MonMotha's script set,
> you
> should be ok AFTER running the script.
>
> >Does it make any
> >difference, assuming all the clients are configured to use that
> address
> >as a gateway?
> >
> >
> Yes it does make a difference, It's like going to someone else's
> house
> (address).
Well, obviously, but I just said all the clients are set to look there.
That's why I switched, all the clients were already using 192.168.1.1,
I didn't want to have to reconfigure them.
The question in my mind is more, is there some special meaning to
192.168.0 different from 192.168.1. Both are local test addresses, so
far as I know, and there shouldn't be a problem. But I certainly have
some kind of problem. I tested all the hardware, it looks good to me,
but when I run the script, it generates no errors, but no traffic gets
past the firewall that I can see. It is as if ip forwarding was not
happening. eth0 and eth1 are working, but do not talk to each other.
Things are just as bad before I run the script, but I am not sure
whether ip forwarding gets turned on by the script or some other way.
If the script turns on ip forwarding, then it makes sense that nothing
would happen before the script gets executed.
Dumbfounded Dave
More information about the LUAU
mailing list