[NCLUG] I'm wearing my ball and ipchains. Please help.

Bill Thorson thorson at typhoon.atmos.colostate.edu
Tue Feb 20 00:58:05 MST 2001


On Mon, 19 Feb 2001, Matt Taggart wrote:

> 
> R P Herrold writes...
> 
> > There needs to be a simple forward (no masq) rule bridging
> > 192.168.2.0/24 and 192.168.1.0/24
> 
> Only if they aren't all using the masq box as a gateway. Assuming they are it 
> should just work. Are you sure the linksys box or a chain aren't getting in 
> the way? Maybe you could post your ipchains?
> 

I have no ipchains right now but I've tried gobs of different things.  When
I'm able to get it working with the 192.168.2.0 network I was using and
old ipfwadm line from an older Slackware Linux version that I used to run.
It is:
	ipfwadm -F -a m -b -S 192.168.2.0/24 -D 0.0.0.0/0

and produces ipchain found below.  I'm not really sure what it all
means.

I've tried to add another similar ipfwadm command with no success.  What
I would really like is the proper ipchains commands to make this work
with some explaination as to what they are supposed to be doing.

As soon as I finally figure this out then everything will switch to
that iptables stuff.

Bill

---------------------------------------------------------------

Chain input (policy ACCEPT):
target     prot opt     source                destination           ports
ACCEPT     all  ---f--  anywhere             anywhere              n/a
acctin     all  ------  anywhere             anywhere              n/a
acctboth   all  ------  anywhere             anywhere              n/a
inp        all  ------  anywhere             anywhere              n/a
Chain forward (policy ACCEPT):
target     prot opt     source                destination           ports
ACCEPT     all  ---f--  anywhere             anywhere              n/a
fwd        all  ------  anywhere             anywhere              n/a
Chain output (policy ACCEPT):
target     prot opt     source                destination           ports
ACCEPT     all  ---f--  anywhere             anywhere              n/a
acctout    all  ------  anywhere             anywhere              n/a
acctboth   all  ------  anywhere             anywhere              n/a
out        all  ------  anywhere             anywhere              n/a
Chain acctin (1 references):
Chain acctout (1 references):
Chain acctboth (2 references):
Chain inp (1 references):
Chain out (1 references):
Chain fwd (1 references):
target     prot opt     source                destination           ports
MASQ       all  ------  192.168.2.0/24       anywhere              n/a
MASQ       all  ------  anywhere             192.168.2.0/24        n/a
Chain IpFwAdM! (0 references):
target     prot opt     source                destination           ports
-          all  ------  anywhere             anywhere              n/a
-          all  ------  anywhere             anywhere              n/a





More information about the NCLUG mailing list