Find the answer to your Linux question:
Results 1 to 2 of 2
I'm new to linux and I want to place an old computer in between my cable modem and 4-port router to act as a proxy server. I have 2 NICs ...
  1. 04-08-2006 #1
    Kakalak
    Kakalak is offline
    Just Joined! Kakalak's Avatar
    Join Date
    Apr 2006
    Location
    South Carolina
    Posts
    9

    Help setting up proxy/nat server

    I'm new to linux and I want to place an old computer in between my cable modem and 4-port router to act as a proxy server. I have 2 NICs installed on my linux box and can surf the internet and download updates on both. With my cable modem plug into the external NIC of my linux box and my router pluged into the internal I can surf the web on my linux box and but not my pc, which is plugged into the router. I can ping the internal NIC from my pc through my router but nothing else.

    I am using woody 3.0 w/ a 2.2 kernal and have included the necessary /proc/net/ip_masq files.

    Also I'm using dhcp to get an ip for the ext. NIC and I'm getting a subnet mask of 255.255.240.0 from my cable modem when the rest are 255.255.255.0. Could this be the problem?


    Here is the script i'm using...

    #!/bin/sh

    INTLAN="192.168.0.0/24" <------- not exactly sure what to set this too
    INTIF="eth0"
    EXTIF="eth1"

    echo "1" > /proc/sys/net/ipv4/ip_dynaddr
    /sbin/ipchains -A input -j ACCEPT -i $EXTIF -s 0/0 67 -d 0/0 68 -p udp
    EXTIP="`/sbin/ifconfig eth1 | grep 'inet addr' | awk '{print $2}' | sed -e 's/.*://'`"

    /sbin/depmod -a
    /sbin/modprobe ip_masq_ftp
    /sbin/modprobe ip_masq_raudio

    echo "1" > /proc/sys/net/ipv4/ip_forward
    echo "1" > /proc/sys/net/ipv4/ip_always_defrag

    /sbin/ipchains -M -S 7200 10 160

    ipchains -F input
    ipchains -P input REJECT
    ipchains -A input -i $INTIF -s $INTLAN -d 0.0.0.0/0 -j ACCEPT
    ipchains -A input -i $EXTIF -s $INTLAN -d 0.0.0.0/0 -l -j REJECT
    ipchains -A input -i $EXTIF -s 0.0.0.0/0 -d $EXTIP/32 -j ACCEPT
    ipchains -A input -i lo -s 0.0.0.0/0 -d 0.0.0.0/0 -j ACCEPT

    ipchains -F output
    ipchains -P output REJECT
    ipchains -A output -i $INTIF -s 0.0.0.0/0 -d $INTLAN -j ACCEPT
    ipchains -A output -i $EXTIF -s 0.0.0.0/0 -d $INTLAN -l -j REJECT
    ipchains -A output -i $EXTIF -s $INTLAN -d 0.0.0.0/0 -l -j REJECT
    ipchains -A output -i $EXTIF -s $EXTIP/32 -d 0.0.0.0/0 -j ACCEPT
    ipchains -A output -i lo -s 0.0.0.0/0 -d 0.0.0.0/0 -j ACCEPT

    ipchains -F forward
    ipchains -P forward DENY
    ipchains -A forward -i $EXTIF -s $INTLAN -d 0.0.0.0/0 -j MASQ
    Reply With Quote Reply With Quote
  2. 04-09-2006 #2
    Kakalak
    Kakalak is offline
    Just Joined! Kakalak's Avatar
    Join Date
    Apr 2006
    Location
    South Carolina
    Posts
    9

    Update...

    I've updated to the 2.4 kernel and am now using firestarter. Thx for the help...
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules