Help with SuSE 6.3 IP Masquerading

Help with SuSE 6.3 IP Masquerading

Post by Bill Mosele » Sun, 31 Dec 1899 09:00:00



Ok, I've done my best to get this working over the last few days,
searching list archives and reading the IP Masquerading
HOWTO, and I think I'm close.... But, I know I'm missing something
really obvious.  I know a zillion people have this working.

Simple setup with SuSE with modem to ISP, and Win98 machine on internal
network.

             Internet
                ^
                |
     SuSE box with IP Masquerading
         ( 192.168.10.99 )
                ^
                |
     win98 on private internal net
        ( 192.168.10.98 )

1) I've rpm'ed the latest firewal 2.0 from SuSE

2) Followed the EXAMPLES file without luck

3) wvdial works fine and dials my ISP and connects PPP

4) 'SuSEfirewall start' starts the firewall without problem
   Note is in /var/adm/messages stating startup successful

5) Can access the Internet just fine from the SuSE box
   (telnet, ping, http, traceroute all work)

6) Can telnet/http etc. to the SuSE machine from Win98
   without a problem -- internal network works fine

Trying to access external (Internet) URL from the Win98 box (through the
SuSE IP Masquerading box) generates this error in /var/log/messages:

Mar 18 07:53:08 SuSE kernel: Packet log: forward DENY ppp0 PROTO=6
192.168.0.98:1152 209.144.167.153:80 L=48 S=0x00 I=43797 F=0x4000 T=127
SYN
(#2)

Looks like a firewall configuration problem, no?  Here's the setup:

SuSE 6.3
firewal 2.0-5 loaded by rpm yesterday.

SuSE box:  192.168.10.99
Win98 box: 192.168.10.98

Using:
   /sbin/init.d/firewall start
or
   SuSEfirewall start

/etc/rc.config: START_FW="yes"

/etc/rc.config.d/firewall.config.
FW_DEV_WORLD="ppp0"
FW_DEV_INT="eth0"
FW_DEV_DMZ=""
FW_ROUTE="yes"
FW_MASQUERADE="yes"
FW_MASQ_NETS="192.168.10.0/24"
FW_MASQ_DEV="$FW_DEV_WORLD"     # e.g. "ippp0" or "$FW_DEV_WORLD"
FW_PROTECT_FROM_INTERNAL="no"
FW_AUTOPROTECT_GLOBAL_SERVICES="no"
FW_SERVICES_EXTERNAL_TCP=""
FW_SERVICES_EXTERNAL_UDP=""
FW_SERVICES_DMZ_TCP=""    
FW_SERVICES_DMZ_UDP=""    
FW_SERVICES_INTERNAL_TCP=""
FW_SERVICES_INTERNAL_UDP=""
FW_TRUSTED_NETS=""
FW_SERVICES_TRUSTED_TCP=""
FW_SERVICES_TRUSTED_UDP=""
FW_ALLOW_INCOMING_HIGHPORTS_TCP="yes"  
FW_ALLOW_INCOMING_HIGHPORTS_UDP="yes"  
FW_SERVICE_DNS="no"53
FW_SERVICE_DHCLIENT="no"address
FW_SERVICE_DHCPD="no"  
FW_FORWARD_TCP=""      
FW_FORWARD_UDP=""      
FW_REDIRECT_TCP=""
FW_REDIRECT_UDP=""
FW_LOG_DENY_CRIT="yes"
FW_LOG_DENY_ALL="yes"
FW_LOG_ACCEPT_CRIT="yes"
FW_LOG_ACCEPT_ALL="no"
FW_KERNEL_SECURITY="yes"
FW_STOP_KEEP_ROUTING_STATE="no"
FW_ALLOW_PING_FW="yes"
FW_ALLOW_PING_DMZ="no"
FW_ALLOW_FW_TRACEROUTE="no"
FW_ALLOW_FW_SOURCEQUENCH="yes"
FW_MASQ_MODULES="autofw cuseeme ftp irc mfw portfw quake raudio user
vdolive"

--

pls note the one line sig, not counting this one.

 
 
 

1. TCP/IP @ LAN with SuSE 6.3 and W2K.

Hi there.

I would like to setup a simple LAN between this SuSE 6.3 Linux PC and a
PC running Windows 2000.
I've setup the hardware on both computers, using kernel modules on the
Linux PC (eth0) and plug+play under W2k. Establishing a TCP/IP
connection between the two PC's on no problem under Windows, but when
one is running SuSE i Don't know what to do!

All I need is to establish simple FTP connections through a TCP/IP
connection between the two PC's.
What do I need to setup under Linux, and what do I need to on the
Win-pc?

I've tried a lot of stuff, but I still can't ping between the PCs. Is
there a FAQ for this that I want to do?
I've struggled with subnets, dynamic IP's, and even tried to run a DNS
server on the LInux PC to give the WindowsPC an IP...  Still I can't
establish a connection.

Andreas-->Linuxfan.

2. newbie problem(modem)

3. Help for Minolta Page Pro 6 L Driver for Linux SUSE 6.3

4. GCC parse errors and compilation problems

5. BS Live! under Suse 6.3 HELP!!!

6. Compiling C++ Email Virus Renamer

7. Need help with SAMBA on SusE 6.3

8. New or Revised TAs on websco, 951021

9. Help install Suse 6.3 -ftp

10. Suse 6.3 & PPP Help!!!!!!

11. Help: access denied to device ttyS1(serial port COM1) in SusE Linux 6.3

12. Help for Linux Suse Ver. 6.3

13. Help w/ SuSE 6.3 install crash - or any jobs open?