[GLLUG] ipchains
David Lee Lambert
lamber45@egr.msu.edu
Tue, 11 Feb 2003 14:48:00 -0500 (EST)
I used to use my Linux box for masquerading ssh/https/etc connections from
the LAN it's attached to, but over the Christmas break the boot
hard-drive crashed so I installed a newer version of Debian and it came
with a 2.2 series kernel. Later I compiled a custom kernel including IP
masquerading support, but when I try it out nothing happens. I can run
ipchains and add all sorts of masquerading rules to the routing tables,
but my Windows boxes still time out when I try to do TCP or ping to the
Internet.
The only thing I can think of is related to a note that I find in the
HOWTOs and in the help for the 'IP masquerading' in the
kernel-configuration:
> The IP masquerading code will only work if IP forwarding is enabled
> in your kernel; you can do this by saying Y to "/proc
> filesystem support" and "Sysctl support" below and then executing a
> line like
>
> echo "1" > /proc/sys/net/ipv4/ip_forward
>
> from a boot time script after the /proc filesystem has been mounted.
When I try doing this, I get a 'file not found' error. I do have a /proc
filesystem, and the option '/proc filesystem' is enabled in the kernel
configuration (under the section Filesystems); is there another option
elsewhere I should know about?
--
DLL
http://www.cse.msu.edu/~lamber45/