Re: Lan to Wan reprise
From: Jeff Vian (jvian10_at_charter.net)
To: For users of Fedora Core releases <email@example.com>
Date: Sun, 13 Mar 2005 18:22:32 -0600
On Sun, 2005-03-13 at 15:53 -0500, Claude Jones wrote:
> Arthur Pemberton wrote:
> > Claude Jones wrote:
> >> Arthur Pemberton wrote:
> >>> Claude Jones wrote:
> >>>> The web server works.
> >>>> The box has internet access.
> >>>> Machines on the Lan are getting DHCP assigned IP addresses. They
> >>>> are also able to see my lone web page.
> >>>> However, the machines on the Lan can't get past the firewall. It's
> >>>> not a DNS problem because it doesn't go away if you put an IP
> >>>> address in. I can ping the Wan NIC from the LAN but nothing further
> >>>> than that.
> >>>> I've reviewed the procedures over and over that I used
> >>>> successfully, and I can't find the problem.
> >>>> DHCPD loads without errors.
> >>>> I've checked and rechecked the firewall and SELinux settings, and
> >>>> they appear to be the same as at the office.
> >>>> I've reviewed the network settings for my NICs twenty times.
> >>>> IP forwarding and masquerade have been set up.
> >>>> What have I overlooked??? I have to have this running in three
> >>>> hours so any suggestions would be greatly appreciated!
> >>> I have almost exactly the same setup as you up and running. See my
> >>> firewall iptables script (it may help you):
> >>> http://pembo13.dalive.com/scripts/bash/firewall.php
> >> I'm looking at your script now. When I get done with all the mods to
> >> work with my system, how do I run it? Forgive me for I'm new to all
> >> this...
> > No prob. I've been there myself. To run you can run either of the
> > following commands:
> > 1) $ sh firewall.sh
> > or
> > 2) $ chmod +x firewall.sh # you should only need to run this
> > first command the first time you attempt this method
> > $ ./firewall.sh
> Thanks. I did figure this one out. I'm still finding it hard to figure
> out where to put this script once it works, and how to run it at
> boot-time. Meanwhile, even though the firewall starts and stops and the
> rules seem right, I'm still not getting out from the Lan. DHCPD seems
> fine - my inside machines get addresses, and they can ping the outside
> NIC on the Linux box, and they can see the one page on my web server.
> But, that's as far as they can get.
As far as the firewall script goes, you only need to run it once if you
then do the following (as root) before you shut down.
# service iptables save
It then will save the settings in a file (/etc/sysconfig/iptables) that
automatically gets read and processed each time you boot.
After having done this, the only time you will need to redo it is if you
make a change in the firewall and need to update the startup
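The pieces this thread keeps returning to (IP forwarding, masquerade, and the ruleset saved in /etc/sysconfig/iptables) can be checked together. The script below is an added example, not part of the original messages or of the firewall script linked above; the interface names (eth0 as WAN, eth1 as LAN), the function names and the sample ruleset are assumptions constructed for illustration.

```shell
# Added example: audit a saved ruleset (iptables-save format) for what a LAN-to-WAN
# gateway needs. Interface names and the sample rules are assumptions.
# Print only the lines of table $2 (nat, filter, ...) from file $1.
rules_in_table() {
    awk -v t="*$2" '/^\*/ { on = ($0 == t); next } /^COMMIT/ { on = 0 } on' "$1"
}

# check_gateway FILE WAN_IF LAN_IF [IP_FORWARD_FILE]; status 0 when nothing is missing.
check_gateway() {
    file=$1 wan=$2 lan=$3 fwd=${4:-/proc/sys/net/ipv4/ip_forward} missing=0
    note() { echo "MISSING: $*"; missing=$((missing + 1)); }
    # Kernel forwarding must be on or nothing is routed between the NICs.
    [ "$(cat "$fwd" 2>/dev/null)" = 1 ] || note "ip_forward is not 1"
    # nat table: traffic leaving through the WAN interface is masqueraded.
    rules_in_table "$file" nat |
        grep -Eq "^-A POSTROUTING (.* )?-o $wan (.* )?-j MASQUERADE" ||
        note "MASQUERADE rule for $wan"
    fw=$(rules_in_table "$file" filter)
    # An empty FORWARD chain with policy ACCEPT passes everything; otherwise
    # explicit accepts are needed for LAN traffic and for the replies.
    if printf '%s\n' "$fw" | grep -q '^-A FORWARD ' ||
       ! printf '%s\n' "$fw" | grep -q '^:FORWARD ACCEPT '; then
        printf '%s\n' "$fw" | grep -Eq "^-A FORWARD (.* )?-i $lan (.* )?-j ACCEPT" ||
            note "FORWARD accept for traffic entering on $lan"
        printf '%s\n' "$fw" | grep -Eq '^-A FORWARD .*ESTABLISHED.* -j ACCEPT' ||
            note "FORWARD accept for ESTABLISHED replies"
    fi
    [ "$missing" -eq 0 ]
}

# Constructed sample in iptables-save format (not taken from the thread).
write_sample() {
    cat > "$1" <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -i eth1 -o eth0 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
}

tmp=$(mktemp) && write_sample "$tmp"
echo 1 > "$tmp.fwd"
check_gateway "$tmp" eth0 eth1 "$tmp.fwd" && echo "sample ruleset: OK"
rm -f "$tmp" "$tmp.fwd"
```

On the gateway itself the call would be `check_gateway /etc/sysconfig/iptables eth0 eth1` with the real interface names. The check does not evaluate rule order or follow jumps into user-defined chains, so an earlier REJECT or DROP in FORWARD can still block traffic that these tests report as allowed.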