[NTLUG:Discuss] Need Network Configuration Advice.

George E. Lass George.Lass at osc.com
Thu Jan 27 10:57:32 CST 2000


Bobby Wrenn wrote:
> 
> You will need to run enable ip-forwarding in your kernel and run
> ipchains. You seem to have the system set up correctly.
> 
> In a recent post Chris Cox gave this minimum configuration:
> As root do:
> ipchains -A forward -j MASQ -s 192.168.X.0/24 -d 0.0.0.0/0
> echo 1 >/proc/sys/net/ipv4/ip_forward
> 
> Replace X with your network identifier for your private net.
> e.g. 192.168.4.0
> 
> This is a minimum configuration and provide no security. I will send the
> script I use directly to you. I will need some tweaking for your system
> but that should be easy.


I'm not sure about 6.1, but in 5.2 if you want to be able to ftp
from your local network to the internet, you have to also allow
IP masquerading for ftp (also real audio, ipx & appletalk).  These
can only be enabled as modules in your kernel.  I would also
suggest that you restrict access thru your Linux "router" via
/etc/hosts.allow & /etc/hosts.deny.  See: "man hosts.allow"
for more info on the format of these tables.

George




More information about the Discuss mailing list