Hello,
I've got a problem configuring a router firewall... Please help :-)
Situation:
I have a network with NT 4.0 WS clients (192.168.2.0/24 address space) and a Linux
router/firewall. Internet access is via a dial-up ISDN line to T-Online. Internet
access works fine with no ipfwadm rules specified. Once I start stating
rules in /etc/ppp/ip-up I can't get access any more, though I can ping the DNS
server.
I specified the following rules:
# flush
ipfwadm -I -f
ipfwadm -O -f
ipfwadm -F -f
# default deny
ipfwadm -I -p deny
ipfwadm -O -p deny
ipfwadm -F -p deny
# accept access to dns from LAN (T-Online Name Server
# 194.25.2.129)
# by CT, Dr. Diedrich:
ipfwadm -F -a accept -m -b -P udp -S 192.168.2.0/24 -D 194.25.2.129 53
ipfwadm -I -a accept -P udp -W $INTERFACE -S 194.25.2.129 53
ipfwadm -O -a accept -P udp -W $INTERFACE -D 194.25.2.129 53
ipfwadm -I -a accept -P udp -W eth0 -D 194.25.2.129 53
ipfwadm -O -a accept -P udp -W eth0 -S 194.25.2.129 53
# Access to Web-Server via T-Online Proxy Server 193.158.131.166 Port 80
ipfwadm -F -a accept -m -b -P tcp -S 192.168.2.0/24 -D 193.158.131.166 80
ipfwadm -I -a accept -P tcp -W $INTERFACE -k -S 193.158.131.166 80
ipfwadm -O -a accept -P tcp -W $INTERFACE -k -D 193.158.131.166 80
ipfwadm -I -a accept -P tcp -W eth0 -D 193.158.131.166 80
ipfwadm -O -a accept -P tcp -W eth0 -S 193.158.131.166 80
I also tried to use 0.0.0.0/0 80 instead of the T-Online proxy IP. It makes
no difference whether I define proxy settings in the client browsers or not.
Where is my problem???
Thanks for hints,
Till