Hello,
Here is my question.
I've installed Red Hat 6.0 [Hedwig] on an old P166 with 64 MB RAM and a 1 Gb
HDD.
Everything runs well, the install session (console mode only) is OK and I
can boot :-)
This machine includes 2 D-Link Ethernet adapters. Linux recognized only
one of them, but linuxconf helped me to add the second.
This computer is a DHCP client of a computer that runs NT4 Server.
My ipchains script is below. What should I change to get this
Linux box ready for the dynamic IP address my ISP will provide me?
Second question.
Is masquerading automatically set up with ipchains? Or is there
another way to do that?
Thank you
J.C
#!/bin/sh
# Set up variables
INTERNALIP="192.168.1.1"
EXTERNALIP="xxx.xxx.xxx.xxx"
LOOPBACK="127.0.0.1"
NETWORKIP="192.168.1.0/24"
ANYWHERE="0.0.0.0/0"
PORTS="1024:65535"
# Flush chains
/sbin/ipchains -F
TCP_ALLOWIN="ftp-data ftp"
TCP_ALLOWOUT="echo ftp-data ftp ssh telnet smtp time whois domain
finger www pop-3 nntp ntp ircd asp"
MASQ_ALLOWIN="echo ftp-data ftp telnet smtp whois domain www pop-3 nntp
irc"
# ********************************
# **********> INCOMING <**********
# ********************************
# Set default policy to deny
/sbin/ipchains -P input DENY
# Unlimited traffic within the local network
/sbin/ipchains -A input -j ACCEPT -s "$NETWORKIP" -d "$ANYWHERE"
/sbin/ipchains -A input -j ACCEPT -s "$ANYWHERE" -i lo
# Target
for SERVICES in `echo $TCP_ALLOWIN` ; do
/sbin/ipchains -A input -j ACCEPT -p tcp -s "$ANYWHERE" \
"$PORTS" -d "$EXTERNALIP" "$SERVICES"
done
# Return
for SERVICES in `echo $TCP_ALLOWOUT` ; do
/sbin/ipchains -A input -j ACCEPT -p tcp -s "$ANYWHERE" "$SERVICES" \
-d "$EXTERNALIP" "$PORTS"
done
# DNS
/sbin/ipchains -A input -j ACCEPT -p udp -s "$ANYWHERE" \
domain
# Log the rest
/sbin/ipchains -A input -j DENY -s "$ANYWHERE" -d "$ANYWHERE" -l
# ********************************
# **********> OUTGOING <**********
# ********************************
# Set default policy to deny
/sbin/ipchains -P output DENY
# Unlimited traffic within the local network
/sbin/ipchains -A output -j ACCEPT -s "$ANYWHERE" -d "$NETWORKIP"
# Logging
/sbin/ipchains -A output -j DENY -s "$ANYWHERE" -d "$NETWORKIP" -l
/sbin/ipchains -A output -j DENY -s "$NETWORKIP" -d "$ANYWHERE" -l
# Target
for SERVICES in `echo $TCP_ALLOWOUT`; do
/sbin/ipchains -A output -j ACCEPT -p tcp -s "$EXTERNALIP" "$PORTS" \
-d "$ANYWHERE" "$SERVICES"
done
# Return
for SERVICES in `echo $TCP_ALLOWIN`; do
/sbin/ipchains -A output -j ACCEPT -p tcp -s "$EXTERNALIP" "$SERVICES" \
-d "$ANYWHERE" "$PORTS"
done
# DNS
/sbin/ipchains -A output -j ACCEPT -p udp -s "$EXTERNALIP" \
-d "$ANYWHERE"
/sbin/ipchains -A output -j ACCEPT -s "$ANYWHERE" -d "$ANYWHERE"
# Log the rest
/sbin/ipchains -A output -j DENY -s "$ANYWHERE" -d "$ANYWHERE" -l
# *********************************
# **********> Forwarded <**********
# *********************************
# Set default policy to deny
/sbin/ipchains -P forward DENY
for MSERVICES in `echo $MASQ_ALLOWIN`; do
/sbin/ipchains -A forward -j MASQ -p tcp -s "$NETWORKIP" \
-d "$ANYWHERE" "$MSERVICES"
done
# DNS
/sbin/ipchains -A forward -j MASQ -p udp -s "$NETWORKIP" \
-d "$ANYWHERE" domain
# Log the rest
/sbin/ipchains -A forward -j DENY -s "$ANYWHERE" -d "$ANYWHERE" -l