Complete.Org: Mailing Lists: Archives: discussion: September 1998:
Re: [aclug-L] IP Forwarding
Home

Re: [aclug-L] IP Forwarding

[Top] [All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
To: aclug-L@xxxxxxxxxxxx
Subject: Re: [aclug-L] IP Forwarding
From: JOHNSTONE JEREMY S <jsjohnst@xxxxxxxxxxx>
Date: Mon, 14 Sep 1998 22:55:15 -0500 (CDT)
Reply-to: aclug-L@xxxxxxxxxxxx

The problem with your setup is your only seting up a one wasy street. The
real network still can't see the "fake" one.

On 14 Sep 1998, John Goerzen wrote:

> Glen Diener <glen@xxxxxxxxxxxxxxxx> writes:
> 
> > Im attempting to use a Linux (Caldera OpenLinux) box  as a firewall which
> > forwards IP packets from one network to another.  I have two working
> 
> OK, just to be precise here, let's make sure I've got your setup
> correct:
> 
>  * You have the "real" network on eth0, your Ethernet card is IP
>    198.248.166.17, and your netmask there is 255.255.255.0
> 
>  * You want to set up a masqueraded network on eth1 with IP
>    addresses in 192.168.2.0/255.255.255.0
> 
> If this is the case, then the solution is simple:
> 
> > The ipfwadm commands I've used are those given in the IP Masquerading
> > howto page. 
> > 
> >     ipfwadm -F -p deny 
> >        ipfwadm -F -a m -S 192.168.1.0/24 -D 0.0.0.0/0 
> 
> Your ifconfig listed 192.168.2.x and here you have 192.168.1.x -- make 
> sure the values agree.  I think the problem here is a simple typo --
> you need to use 192.168.2.0/24 instead of 192.168.1.0/24.  Also, you
> need to add a netmask for the destination address (a simple /0 at the
> end will suffice).
> 
> Also, you can try adding a -v to the ipfwadm command line, like so:
> 
> ipfwadm -v -F -a m -S 192.168.2.0/24 -D 0.0.0.0/0
> 
> -- 
> John Goerzen   Linux, Unix consulting & programming   jgoerzen@xxxxxxxxxxxx |
> Developer, Debian GNU/Linux (Free powerful OS upgrade)       www.debian.org |
> ----------------------------------------------------------------------------+
> Visit the Air Capital Linux Users Group on the web at http://www.aclug.org
> ---
> This is the Air Capitol Linux Users Group discussion list.  If you
> want to unsubscribe, send the word "unsubscribe" to
> aclug-L-request@xxxxxxxxxxxx.  If you want to post to the list, send your
> message to aclug-L@xxxxxxxxxxxx.
> 

---
This is the Air Capitol Linux Users Group discussion list.  If you
want to unsubscribe, send the word "unsubscribe" to
aclug-L-request@xxxxxxxxxxxx.  If you want to post to the list, send your
message to aclug-L@xxxxxxxxxxxx.



[Prev in Thread] Current Thread [Next in Thread]