Firewalling on Linux 2.4

Christopher White cwhite at softquad.com
Tue Jun 19 17:38:29 PDT 2001


Hi!

Anyone out there know how to get iptables to work?  I've been using ipchains
for some time, and it's been quite satisfactory.  However, I'd like to move
up to Linux 2.4 (I'm using Red Hat 7.1), and, while ipchains still works,
there's no FTP masquerading module available.  So I tried iptables (yes, I
looked at the IP Masquerading HOWTO, and Rusty's Unreliable Guide to Linux
NAT), but when I type in the commands (after flushing out and removing the
ipchains module) forwarding just doesn't happen.

I'm doing simple firewalling -- no fancy port forwarding or anything else.
I like to think of it as a two-way mirror: the inside can see out, but the
outside can't see in.  Here's what I had in my /etc/sysconfig/ipchains file:

:input ACCEPT
:forward DENY
:output ACCEPT
-A forward -s 192.168.110.0/0 -d 0.0.0.0/0.0.0.0 -j MASQ

What do I have to do to get iptables to give me the same functionality?
Anyone know?

Thanx in advance.

--Chris

P.S.  On the other thread about ISPs in Sonoma, someone mentioned ATG.
We're using ATG here at SoftQuad, and it's been just fine (a minor outage or
two, but everyone has those).  When PacBell (read Northpoint Communications)
pulled the plug on my IDSL, I switched to ATG (which gave me fewer hops to
the office).  I'd had nothing but trouble with PacBell (like in
*nightmare*).  ATG seems faster than PacBell, even though IDSL is fixed at
144K.  As was mentioned, ATG is just for businesses, but if your employer is
using ATG, they can set you up at home with their service.

_____________________________________________
Christopher T. White
Manager of System Administration
SoftQuad Professional Services
SoftQuad Software, Inc.
1310 Redwood Way, Ste. 120
Petaluma  CA  94954
Voice: 707-794-7000 x16
FAX: 707-794-7009
http://www.softquad.com 
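
An iptables counterpart to the ipchains file in the message above, as an added example that is not part of the original post. The outside interface name eth0 and the /24 mask are assumptions, and masq_rules is a hypothetical helper that only prints the commands so they can be reviewed before a root shell runs them.

```shell
#!/bin/sh
# Added example (not from the original post): print the iptables commands
# that give the "two-way mirror" behaviour of the ipchains file above.
# Assumed values: outside interface eth0, inside network 192.168.110.0/24.

masq_rules() {
    lan="$1"   # inside network in CIDR form (assumed: 192.168.110.0/24)
    ext="$2"   # outside interface (assumed: eth0)

    if [ -z "$lan" ] || [ -z "$ext" ]; then
        echo "usage: masq_rules LAN_CIDR EXT_IF" >&2
        return 2
    fi
    # A /0 mask matches every source address, so the rule would no longer
    # be limited to the inside network. Refuse it.
    case "$lan" in
        */0) echo "refusing $lan: /0 matches any source" >&2; return 1 ;;
    esac

    cat <<EOF
modprobe ip_conntrack_ftp
modprobe ip_nat_ftp
iptables -F
iptables -t nat -F
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP
iptables -A FORWARD -s $lan -o $ext -j ACCEPT
iptables -A FORWARD -i $ext -d $lan -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -s $lan -o $ext -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
EOF
    # Notes on the printed rules:
    #  - the two modprobe lines load FTP connection tracking and FTP NAT,
    #    so FTP data connections count as RELATED and pass the state rule
    #  - INPUT/OUTPUT ACCEPT mirror the ipchains policies; the firewall
    #    host itself is therefore not filtered
    #  - FORWARD DROP is the iptables spelling of ipchains "forward DENY"
    #  - masquerading lives in the nat table's POSTROUTING chain, not in
    #    FORWARD, and nothing is routed until ip_forward is set to 1
}

# Print the rules when called with both arguments, e.g.
#   sh masq.sh 192.168.110.0/24 eth0
if [ "$#" -eq 2 ]; then
    masq_rules "$1" "$2"
fi
```

Piping the output to sh as root applies the rules; iptables -L FORWARD -v -n and iptables -t nat -L -v -n then show whether packet counters on the FORWARD and MASQUERADE rules are increasing.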


