[olug] Firewall Newbie needs help

Jonathan Warren thechunk at cox.net
Wed Mar 5 16:17:49 UTC 2003


Here is all I think you need for MASQUERADE.  Did you modprobe ipt_nat and ipt_MASQUERADE?

/sbin/modprobe iptable_filter
/sbin/modprobe iptable_nat
/sbin/modprobe ipt_MASQUERADE
/sbin/modprobe ip_nat_irc
/sbin/modprobe ip_conntrack_irc
/sbin/modprobe ip_conntrack_ftp
/sbin/modprobe ip_nat_ftp

/usr/sbin/iptables -v -t nat -F
/usr/sbin/iptables -v -F


/usr/sbin/iptables -A OUTPUT -m state -p icmp --state INVALID -j DROP
/usr/sbin/iptables -A INPUT -p tcp --dport 137:139 -i eth0 -j DROP
/usr/sbin/iptables -A INPUT -p tcp --dport 901 -i eth0 -j DROP

/usr/sbin/iptables -v -P INPUT ACCEPT
/usr/sbin/iptables -v -t nat -P POSTROUTING ACCEPT
/usr/sbin/iptables -v -t nat -A POSTROUTING -o eth0 -j MASQUERADE


On Wed, Mar 05, 2003 at 10:10:44AM -0600, Mike Hostetler wrote:
> 
> I've finally got around to getting my wife's old PC out of the closet,
> putting another NIC card into my Linux box, and then have two machines
> using my Cox connection.  (The other machine now has BeOS R5 installed,
> which is pretty cool, even though it isn't much more than a plaything).
> 
> I have both machines up and going, reconfigured the kernel (2.4.20)
> as a router, and shut off ICMP, martians, etc. within /proc. 
> 
> Now I'm working on my tables. From the various help on the net, this
> should work, but doesn't:
> 
> gideon linux-2.4.20-gentoo-r1 # iptables -t nat -A POSTROUTING -o eth0 -j
> MASQUERADE
> iptables: Invalid argument
> 
> What argument isn't valid?
> 
> -- mikeh
>  
> 
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> http://lists.olug.org/mailman/listinfo/olug
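
Added example (not part of the original thread or either poster's script): a preflight check for the question the reply asks, namely whether the modules it loads are present before the MASQUERADE rule is added. The function name missing_modules, the NAT_MODULES variable and the sample listing are assumptions made for illustration.

```shell
#!/bin/sh
# Modules the reply loads before adding the MASQUERADE rule.
NAT_MODULES="iptable_filter iptable_nat ipt_MASQUERADE"

# missing_modules LISTING MODULE...
# LISTING is text in /proc/modules format (module name in the first column).
# Prints every MODULE that does not appear in the listing, one per line.
# Caveat: support compiled into the kernel (=y rather than =m) never shows
# up in /proc/modules, so a name printed here means "not loaded as a module",
# not necessarily "not available".
missing_modules() {
    _listing=$1
    shift
    for _mod in "$@"; do
        printf '%s\n' "$_listing" |
            awk -v m="$_mod" '$1 == m { found = 1 } END { exit !found }' ||
            printf '%s\n' "$_mod"
    done
}

# Constructed sample in /proc/modules format (not taken from the thread):
# the filter table is loaded, the NAT pieces are not.
SAMPLE_LISTING='iptable_filter 1644 0 (autoclean)
ip_tables 11864 1 [iptable_filter]
8139too 13704 1'

# Use the live module list when readable, otherwise the constructed sample.
if [ -r /proc/modules ] && [ "${USE_SAMPLE:-0}" != 1 ]; then
    current=$(cat /proc/modules)
else
    current=$SAMPLE_LISTING
fi

# NAT_MODULES is deliberately unquoted so it splits into separate arguments.
missing=$(missing_modules "$current" $NAT_MODULES)
if [ -n "$missing" ]; then
    echo "not loaded as modules:" $missing
else
    echo "all NAT modules are loaded"
fi
```

Set USE_SAMPLE=1 to run it against the constructed listing instead of the live /proc/modules.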


