General discussion

Locked

Gateway Not Forwarding the packets

By kgsenthil ·
We are implementing a Linux based Firewall System with IPCHAINS.

As per our current Intenet setup,all the external IP's(Given by the ISP) are using the router as Default Gateway.

But as per our design except the external IP in the Firewall,all other IP's should use the Firewall System as the gateway.

We are able to run the Firewall Script(ie, rc.firewall in /etc/rc.d).

We have two NIC's in the firwall system.
The packets are not forwarded to internet,after making the firewall system as the Default Gateway.

We are running a DNS service(BIND) in the firewall system.The client are getting the domain the name resolved but they are not able to browse the Net.
(Packet Forwarding is enabled as IP_V4=yes)

We already enabled the forward IPCHAINS also.

Do i have to add any other configuration, to make this system as default gateway with firewall service??

Do i have to run a squid in the firewall server to increase the speed of the Net.

Thanks in advance..

This conversation is currently closed to new comments.

5 total posts (Page 1 of 1)  
Thread display: Collapse - | Expand +

All Comments

Collapse -

Gateway Not Forwarding the packets

by grumbler In reply to Gateway Not Forwarding th ...

If everyhing you want is to give your users the possibility to browse the web, then you just need to install squid. Besides saving bandwith and speeding the access, you can get a more granular control with Squid ACLs.
On the other hand if you want to give full access to the Internet, you will need to configure your firewall to use masquerading (which is a bit diferent than forwarding only). To do that, besides enabling IP packet forwarding, you will need to tell the ipchains to masquerade the packets sent to your server from the clients. Something like:
ipchains -A forward -i YOUR_EXTERNAL_ETHERNET_DEVICE -j MASQ
You can find more information about masquerading in the IP Masquerade HOWTO (http://www.linuxdoc.org/HOWTO/IP-Masquerade-HOWTO.html)
Besides using masquerading, i strongly advise you to run squid in the firewall server (and perhaps configuring it as a transparent proxy to make your users use always the proxy without needing any kind of special configuration)

Collapse -

Gateway Not Forwarding the packets

by kgsenthil In reply to Gateway Not Forwarding th ...

The question was auto-closed by TechRepublic

Collapse -

Gateway Not Forwarding the packets

by brianbarber In reply to Gateway Not Forwarding th ...

I know that this probably sounds like a ridiculuously partonizing suggestion. I don't mean it like that, but did you make your private,internal interface your default gateway for your users?

Collapse -

Gateway Not Forwarding the packets

by kgsenthil In reply to Gateway Not Forwarding th ...

The question was auto-closed by TechRepublic

Collapse -

Gateway Not Forwarding the packets

by kgsenthil In reply to Gateway Not Forwarding th ...

This question was auto closed due to inactivity

Back to Linux Forum
5 total posts (Page 1 of 1)  

Related Discussions

Related Forums