[NCLUG] I'm wearing my ball and ipchains. Please help.
R P Herrold
herrold at owlriver.com
Tue Feb 20 01:03:05 MST 2001
On Tue, 20 Feb 2001, Bill Thorson wrote:
herrold:
> > > There needs to be a simple forward (no masq) rule bridging
> > > 192.168.2.0/24 and 192.168.1.0/24
Try:
/sbin/depmod -a/
/sbin/modprobe ip_masq_ftp.o
/sbin/ipfwadm -F -f
/sbin/ipfwadm -F -p deny
/sbin/ipfwadm -F -a accept -m -b -S 192.168.2.0/22 -D 0.0.0.0/0
/sbin/ipfwadm -F -a accept -b -S 192.168.2.0/24 -D 192.168.1.0/24
echo 1 > /proc/sys/net/ipv4/ip_forward
... that is -- flush all; set a default deny policy; allow
outside masq'd transactions for both legs; and unrestricted
flow on the two interior legs ... and then turn them up ...
-- Russ
More information about the NCLUG
mailing list