Marie Fresher
Joined: 04 Dec 2006 Posts: 14
Posted: Wed Dec 06, 2006 7:14 pm Post subject: "Modprobe iptables" In the Debian Server
I want to make a home network. I have an old Pentium 200 with 64 MB RAM and a 4-gigabyte hard disk with two “realtek” network cards, and with an old version of “Debian” in text form with only the essentials installed on it. Besides that, I have three other computers (with the Windows OS installed) which are linked to the “Debian” server with a cheap and simple switch. Below is the list of all the files that I configured:
1) /etc/network/interfaces:
auto eth0
iface eth0 inet dhcp
auto eth1
iface eth1 inet static
    address 192.168.1.1
    network 192.168.1.0
    netmask 255.255.255.0
    broadcast 192.168.1.255
2) /etc/gateway.rules:
/sbin/iptables -F
/sbin/iptables -t nat -F
/sbin/iptables -t mangle -F
/sbin/iptables -X
/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -A INPUT -m state --state NEW -i ! eth0 -j ACCEPT
/sbin/iptables -P INPUT DROP
/sbin/iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
/sbin/iptables -A FORWARD -i eth0 -o eth0 -j REJECT
3) /etc/init.d/gateway:
#! /bin/sh
# If no rules, do nothing.
[ -f /etc/gateway.rules ] || exit 0
case "$1" in
    start)
        echo -n "Turning on packet filtering:"
        /sbin/modprobe iptable_nat
        /sbin/modprobe ipt_MASQUERADE
        /sbin/ipchains-restore </etc> /proc/sys/net/ipv4/ip_forward
        echo "1" > /proc/sys/net/ipv4/ip_dynaddr
        echo "."
        ;;
    stop)
        echo -n "Turning off packet filtering:"
        echo 0 > /proc/sys/net/ipv4/ip_forward
        /sbin/ipchains -F
        /sbin/ipchains -X
        /sbin/ipchains -P input ACCEPT
        /sbin/ipchains -P output ACCEPT
        /sbin/ipchains -P forward ACCEPT
        echo "."
        ;;
    *)
        echo "Usage: /etc/init.d/gateway {start|stop}"
        exit 1
        ;;
esac
exit 0
3)
I connected my server to my adsl provider using “pppoeconf” (in /usr/sbin).
# cd /usr/sbin
# pppoeconf
and finally I was able to browse with my server (in text form, as I don’t have the graphics installed - using the “ping” command).
4)
I did the usual configurations with the internal computers (with OS windows) providing them with the static “IP”, “primary”, and “secondary” DNS Server as given by my “ISP.”
My internal computers are not able to see my server. When I use commands at my server console like this:
bash# modprobe ip_tables
bash# lsmod | grep ip_tables
it gives me an error like this:
modprobe iptables not found
Using “make menuconfig,” the computer says that they are “commands not defined.”
How can I resolve my problems?
Alexa Fresher
Joined: 04 Dec 2006 Posts: 13
Posted: Wed Dec 06, 2006 7:14 pm Post subject:
In your “/etc/init.d/gateway” file, you make quite a few references to “/sbin/ipchains.” It should be “iptables,” especially when loading the “ruleset.”
Start with “ifconfig” to see which interfaces you have. Then, “dmesg” to see which interface was given to the “pppoe” connection. Do “route -n” to see which gateway was used. Do “iptables-save” to list the currently loaded “iptables” rules and “lsmod” to show the currently loaded modules.
Adjust your rules to use the interface the gateway is on, as the outgoing interface. You don’t generally need to manually load “iptables/netfilter” modules as they load when the rule is loaded. Some do need manual loading such as “ftp” and “irc” modules.
One rule states “FORWARD -i eth0 -o eth0 -j REJECT” which does nothing.
The “FORWARD” rule doesn’t do anything useful as the “POLICY” is “ACCEPT” anyway, and no rules “DROP” anything.
You can also read the “iptables” tutorial. You can find it at:
http://iptables-tutorial.frozentux.net/iptables-tutorial.html
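The changes suggested in the reply above, as an added example that is not part of either post: a gateway script that calls only iptables, uses the PPPoE interface as the outgoing interface, and sets the FORWARD policy to DROP so the FORWARD rules take effect. The `WAN=ppp0` default, the `APPLY` switch and the `run` helper are assumptions made for this sketch; check the real interface with “route -n” first.

```sh
#!/bin/sh
# Added example: NAT gateway using iptables only (no ipchains calls).
# Assumptions: WAN=ppp0 (usual for a pppoeconf link; confirm with "route -n"),
# LAN=eth1 as in the post. Dry run by default; APPLY=1 (as root) executes.
WAN=${WAN:-ppp0}
LAN=${LAN:-eth1}
IPT=/sbin/iptables

# Print each command, or execute it when APPLY=1.
run() {
    if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "$*"; fi
}

gateway_start() {
    run $IPT -F
    run $IPT -t nat -F
    run $IPT -t mangle -F
    run $IPT -X
    # Default-deny policies, so the ACCEPT rules below actually decide.
    run $IPT -P INPUT DROP
    run $IPT -P FORWARD DROP
    run $IPT -A INPUT -i lo -j ACCEPT
    run $IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    # New connections to the gateway itself only from the LAN side.
    # (The post's "-i ! eth0" would also match ppp0.)
    run $IPT -A INPUT -i "$LAN" -m state --state NEW -j ACCEPT
    run $IPT -A FORWARD -i "$WAN" -o "$LAN" -m state --state ESTABLISHED,RELATED -j ACCEPT
    run $IPT -A FORWARD -i "$LAN" -o "$WAN" -j ACCEPT
    run $IPT -t nat -A POSTROUTING -o "$WAN" -j MASQUERADE
    run sysctl -w net.ipv4.ip_forward=1
    run sysctl -w net.ipv4.ip_dynaddr=1
}

gateway_stop() {
    run sysctl -w net.ipv4.ip_forward=0
    run $IPT -F
    run $IPT -t nat -F
    run $IPT -X
    run $IPT -P INPUT ACCEPT
    run $IPT -P OUTPUT ACCEPT
    run $IPT -P FORWARD ACCEPT
}

# Dispatch only on an explicit action; with no argument nothing runs.
case "${1:-}" in
    start) gateway_start ;;
    stop)  gateway_stop ;;
esac
```

Run it once without `APPLY=1` to review the printed commands, then compare the loaded result with “iptables-save”.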