This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Masquerading Help - I think i'm missing the plot :)

Hi Guys,

I've just got astaro up and running.  [:)]

Now i've managed to get the http proxy running, so i'm getting web stuff through, i'm just having trouble with masq stuff.

Here is my configuration

Internal Interface 192.168.0.100
Internal Machines - 192.168.0.2
                  - 192.168.0.3
External Interface - 212.xxx.xxx.xxx

Now the two interfaces are setup in interfaces and in def->networks i have the internal and external nets setup (i think) as  192.168.0.100/255.255.255.255 and 212.xxx.xxx.xxx/255.255.255.255 (why is is x.x.x.255?)

In masq i have the Internal Network -> Extermal Card... But it's not working.

Can anyone help, cheers.  [;)]

Basskiwi.

This thread was automatically locked due to age.

0 tn5pybw02 over 23 years ago in reply to STICF

The rules i have setup are

local->any allow
any->local deny

I would have thought that the any->local wouldn't do any dropping becasue of the masq stuff (connection originated inside).

If i don't have any->local (drop) then it would be either masq box with everything open or a firewall with everything closed. This doesn't seem right.
Cancel
Vote Up 0 Vote Down

Cancel
0 giallu over 23 years ago in reply to tn5pybw02

dear basskiwi,

I really really urge you to follow closely the advices you received here, and I'm sure you can't fail. We have working installations, and all of those are pretty similar to the one you're trying to set up.

In short, I'm not sure to have understood your last post, but for sure the second rule you reported ( any->local deny) is at least redundant (since default policy for packets that do not match any chain is DENY) but it is probable you're not getting any traffic because of it.

Of course you can check if packects are dropped by looking the kernel log ( or the livelog ).

good luck
Cancel
Vote Up 0 Vote Down

Cancel