firewall setup trouble


Post by Roman Hlynovs » Fri, 05 Oct 2001 19:38:10



Hello!

 My current configuration looks like this:
                     ISP
                       |
                   router (x.x.x.1)
                       |
                    switch
                   | | | | |
              other machines

Now I want to insert firewall box like so:

                     ISP
                       |
                   router (x.x.x.1)
                       |
                   (x.x.x.2)
                   firewall
                   (x.x.x.3)
                       |
                    switch
                   | | | | |
              other machines

 But during configuration I have faced a problem: the router can ping
both interfaces but not other machines on the net, and any machine on the
net can ping only both interfaces. The firewall script looks like this:

 /sbin/ifconfig eth0 x.x.x.2 netmask 255.255.255.128
 /sbin/ifconfig eth1 x.x.x.3 netmask 255.255.255.128
 /sbin/route del -net x.x.x.0 netmask 255.255.255.128 dev eth0
 /sbin/route del -net x.x.x.0 netmask 255.255.255.128 dev eth1
 /sbin/route add -host x.x.x.1 dev eth0
 /sbin/route add -net x.x.x.0 netmask 255.255.255.128 dev eth1
 /sbin/route add default dev eth0
 /bin/echo '1'> /proc/sys/net/ipv4/conf/all/forwarding
 /bin/echo '1'> /proc/sys/net/ipv4/conf/all/proxy_arp

 Is there anything I missed during configuration?

PS: if it's important, kernel version is 2.2.19

Thanks, Roman

 
 
 


Post by Dean Thompso » Fri, 05 Oct 2001 20:08:30


Hi!,

>  My current configuration looks like this:
>                      ISP
>                        |
>                    router (x.x.x.1)
>                        |
>                     switch
>                    | | | | |
>               other machines

> Now I want to insert firewall box like so:

>                      ISP
>                        |
>                    router (x.x.x.1)
>                        |
>                    (x.x.x.2)
>                    firewall
>                    (x.x.x.3)
>                        |
>                     switch
>                    | | | | |
>               other machines

>  But during configuration I have faced a problem: the router can ping
> both interfaces but not other machines on the net, and any machine on the
> net can ping only both interfaces. The firewall script looks like this:

>  /sbin/ifconfig eth0 x.x.x.2 netmask 255.255.255.128
>  /sbin/ifconfig eth1 x.x.x.3 netmask 255.255.255.128
>  /sbin/route del -net x.x.x.0 netmask 255.255.255.128 dev eth0
>  /sbin/route del -net x.x.x.0 netmask 255.255.255.128 dev eth1
>  /sbin/route add -host x.x.x.1 dev eth0
>  /sbin/route add -net x.x.x.0 netmask 255.255.255.128 dev eth1
>  /sbin/route add default dev eth0
>  /bin/echo '1'> /proc/sys/net/ipv4/conf/all/forwarding
>  /bin/echo '1'> /proc/sys/net/ipv4/conf/all/proxy_arp

I presume you also have:

echo "1" > /proc/sys/net/ipv4/ip_forward

>  Is there anything I missed during configuration?

If you put a manual proxy arp command in with the arp command, does it work?

See ya

Dean Thompson

--
+____________________________+____________________________________________+

| Bach. Computing (Hons)     | ICQ     - 45191180                         |
| PhD Student                | Office  - <Off-Campus>                     |
| School Comp.Sci & Soft.Eng | Phone   - +61 3 9903 2787 (Gen. Office)    |
| MONASH (Caulfield Campus)  | Fax     - +61 3 9903 1077                  |
| Melbourne, Australia       |                                            |
+----------------------------+--------------------------------------------+
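
A check for the kernel switches discussed in the two posts above (ip_forward, per-interface forwarding and proxy_arp), as an added example that is not part of the thread. The function names and the SYSROOT override are assumptions of this example; SYSROOT defaults to the real /proc tree.

```shell
#!/bin/sh
# Added example (not from the thread). Reads the sysctl files the posts
# mention and reports, per interface, whether forwarding and proxy ARP are on.
# SYSROOT is overridable so the check can run against a constructed tree.
SYSROOT=${SYSROOT:-/proc/sys/net/ipv4}

# Print the value stored in a sysctl file, or "missing" if it is unreadable.
flag() {
    if [ -r "$SYSROOT/$1" ]; then
        tr -d '[:space:]' < "$SYSROOT/$1"
    else
        printf 'missing'
    fi
}

# check_iface IFACE: print a report line and return 0 only if the interface
# forwards packets and answers proxy ARP. Proxy ARP is effective when either
# conf/all/proxy_arp or conf/IFACE/proxy_arp is 1 (kernel ip-sysctl docs).
check_iface() {
    fwd=$(flag "conf/$1/forwarding")
    parp_all=$(flag conf/all/proxy_arp)
    parp_if=$(flag "conf/$1/proxy_arp")
    parp=0
    if [ "$parp_all" = 1 ] || [ "$parp_if" = 1 ]; then parp=1; fi
    printf '%s forwarding=%s proxy_arp=%s\n' "$1" "$fwd" "$parp"
    [ "$fwd" = 1 ] && [ "$parp" = 1 ]
}

# check_firewall IFACE...: check the global switch, then every interface.
# Returns the number of failed checks (0 means all the switches are on).
check_firewall() {
    failed=0
    ipf=$(flag ip_forward)
    printf 'ip_forward=%s\n' "$ipf"
    [ "$ipf" = 1 ] || failed=$((failed + 1))
    for ifc in "$@"; do
        check_iface "$ifc" || failed=$((failed + 1))
    done
    return "$failed"
}

# Stand-alone use on the firewall box from the thread: check_firewall eth0 eth1
```

The switches only show that the kernel is allowed to forward and proxy; the routing table (`route -n`) and the ARP caches on the router and the inside machines still have to be checked separately.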

 
 
 
