[lug] Firewall spontaneously combusted???

David Anselmi anselmi at anselmi.us
Sat Sep 11 20:09:45 MDT 2004


David Morris wrote:
[...]
> The following commands should set up IP Masquerading on any
> system with multiple interfaces where eth1 is the external
> interface:
> 
>     echo 1 > /proc/sys/net/ipv4/ip_forward
>     iptables --table nat --append POSTROUTING \
>             --out-interface eth1 --jump SNAT \
>             --to <external_ip>
> 
> I can run these commands on other systems and I get IP
> Masquerading as expected.  Just before I moved I could run
> it on the Sparc LX as well and it worked there.
> 
> Now, I run it and I get *nothing*.

What's in /etc/network/interfaces?  What does route say?

How do you set up the firewall rules?  An init script (home grown)?  Not 
sure looking at that would be helpful, but maybe if it isn't too long.

Perhaps you could put some log rules in the script and see what goes 
where.  Also a sniffer on both interfaces might be enlightening (but 
maybe a separate box for them so you aren't confused--I'm not sure how 
sniffers interact with iptables on the same box).

HTH,
Dave
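
Added example, not part of the original message: one way to place the suggested log rules so each stage of a forwarded packet's path leaves a distinct kernel-log prefix. eth1 as the external interface comes from the thread; eth0 as the internal interface, the prefixes, and the function names are assumptions, and the script only prints the commands for review.

```shell
#!/bin/sh
# Added example: prints LOG rules that trace a packet through the NAT box.
# EXT_IF=eth1 is from the thread; INT_IF=eth0 and the prefixes are assumed.
EXT_IF="${EXT_IF:-eth1}"
INT_IF="${INT_IF:-eth0}"
IP_FORWARD_FILE="${IP_FORWARD_FILE:-/proc/sys/net/ipv4/ip_forward}"

# Succeeds only if the forwarding switch file reads exactly "1".
forwarding_enabled() {
    [ -r "$1" ] && [ "$(cat "$1")" = "1" ]
}

# Print one iptables command per stage, in the order an outbound packet
# meets them. "-I <chain> 1" puts each LOG rule ahead of existing rules,
# so a terminating target (SNAT, DROP) cannot hide the packet from it.
# The nat table only sees the first packet of each connection.
trace_rules() {
    ext="$1"; int="$2"
    echo "iptables -t mangle -I PREROUTING 1 -i $int -j LOG --log-prefix 'trace-in: '"
    echo "iptables -I FORWARD 1 -i $int -o $ext -j LOG --log-prefix 'trace-fwd-out: '"
    echo "iptables -t nat -I POSTROUTING 1 -o $ext -j LOG --log-prefix 'trace-snat: '"
    echo "iptables -I FORWARD 1 -i $ext -o $int -j LOG --log-prefix 'trace-fwd-back: '"
}

# Given the prefixes found in the kernel log (space separated), name the
# first stage that never logged: that is where the packet stopped.
first_missing_stage() {
    seen="$1"
    for stage in trace-in trace-fwd-out trace-snat trace-fwd-back; do
        case " $seen " in
            *" $stage "*) ;;
            *) echo "$stage"; return 0 ;;
        esac
    done
    echo "none"
}

main() {
    forwarding_enabled "$IP_FORWARD_FILE" || echo "# ip_forward is not 1" >&2
    trace_rules "$EXT_IF" "$INT_IF"
}

main
```

If `trace-in` shows up in the kernel log but `trace-fwd-out` does not, the packet arrived and was never forwarded, which points at ip_forward or routing rather than the SNAT rule.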
