
Thread: redhat 8 and windows xp pro with ip masquerading, how to set it up so it works...

  1. #1
    Senior Member
    Join Date
    Aug 2001

    redhat 8 and windows xp pro with ip masquerading, how to set it up so it works...

    I'm trying to set up IP masquerading with my redhat 8 box so my xp pro box can access the 'net through it as a gateway; it's mainly for the purpose of having 2 net enabled computers so other people can use the net at the same time as I'm using it

    I've got a network set up with the 2 computers on it, one with xp pro and one with redhat 8. I have samba running, and when I'm on the net on the linux box the samba share doesn't work, unless it's because I've messed up the settings on the network

    anyway, has anyone got any idea as to how I need to set this thing up? I know that redhat 8 supposedly has ip-masq built into the kernel, so how do I set it up to get it working properly?

    here's my firewall setup for the forwarding and masq stuff:

    # rc.firewall - Initial SIMPLE IP Masquerade test for 2.1.x and 2.2.x kernels
    # using IPCHAINS
    # Load all required IP MASQ modules
    # NOTE: Only load the IP MASQ modules you need. All current IP MASQ modules
    # are shown below but are commented out from loading.

    # Needed to initially load modules
    /sbin/depmod -a

    # Supports the proper masquerading of FTP file transfers using the PORT method
    /sbin/modprobe ip_masq_ftp

    # Supports the masquerading of RealAudio over UDP. Without this module,
    # RealAudio WILL function but in TCP mode. This can cause a reduction
    # in sound quality
    #/sbin/modprobe ip_masq_raudio

    # Supports the masquerading of IRC DCC file transfers
    #/sbin/modprobe ip_masq_irc

    # Supports the masquerading of Quake and QuakeWorld by default. This module is
    # for multiple users behind the Linux MASQ server. If you are going to
    # play Quake I, II, and III, use the second example.
    # NOTE: If you get ERRORs loading the QUAKE module, you are running an old
    # ----- kernel that has bugs in it. Please upgrade to the newest kernel.
    #Quake I / QuakeWorld (ports 26000 and 27000)
    #/sbin/modprobe ip_masq_quake
    #Quake I/II/III / QuakeWorld (ports 26000, 27000, 27910, 27960)
    #/sbin/modprobe ip_masq_quake 26000,27000,27910,27960

    # Supports the masquerading of the CuSeeme video conferencing software
    #/sbin/modprobe ip_masq_cuseeme

    #Supports the masquerading of the VDO-live video conferencing software
    #/sbin/modprobe ip_masq_vdolive

    #CRITICAL: Enable IP forwarding since it is disabled by default since
    # Redhat Users: you may try changing the options in
    # /etc/sysconfig/network from:
    # FORWARD_IPV4=false
    # to
    # FORWARD_IPV4=true
    echo "1" > /proc/sys/net/ipv4/ip_forward

    #CRITICAL: Enable automatic IP defragmenting since it is disabled by default
    # in 2.2.x kernels. This used to be a compile-time option but the
    # behavior was changed in 2.2.12
    echo "1" > /proc/sys/net/ipv4/ip_always_defrag

    # Dynamic IP users:
    # If you get your IP address dynamically from SLIP, PPP, or DHCP, enable this
    # following option. This enables dynamic-ip address hacking in IP MASQ,
    # making the life with Diald and similar programs much easier.
    echo "1" > /proc/sys/net/ipv4/ip_dynaddr

    # Enable the LooseUDP patch which some Internet-based games require
    # If you are trying to get an Internet game to work through your IP MASQ box,
    # and you have set it up to the best of your ability without it working, try
    # enabling this option (delete the "#" character). This option is disabled
    # by default due to possible internal machine UDP port scanning
    # vulnerabilities.
    #echo "1" > /proc/sys/net/ipv4/ip_masq_udp_dloose

    # MASQ timeouts
    # 2 hrs timeout for TCP session timeouts
    # 10 sec timeout for traffic after the TCP/IP "FIN" packet is received
    # 160 sec timeout for UDP traffic (Important for MASQ'ed ICQ users)
    /sbin/ipchains -M -S 7200 10 160

    # DHCP: For people who receive their external IP address from either DHCP or
    # BOOTP such as ADSL or Cablemodem users, it is necessary to use the
    # following before the deny command. The "bootp_client_net_if_name"
    # should be replaced with the name of the link that the DHCP/BOOTP server
    # will put an address on to? This will be something like "eth0",
    # "eth1", etc.
    # This example is currently commented out.
    #/sbin/ipchains -A input -j ACCEPT -i bootp_clients_net_if_name -s 0/0 67 -d 0/0 68 -p udp

    # Enable simple IP forwarding and Masquerading
    # NOTE: The following is an example for an internal LAN address in the
    # 192.168.0.x network with a or a "24" bit subnet mask
    # connecting to the Internet on interface eth0.
    # ** Please change this network number, subnet mask, and your Internet
    # ** connection interface name to match your internal LAN setup
    /sbin/ipchains -P forward DENY
    /sbin/ipchains -A forward -i eth0 -s -j MASQ
    /sbin/ipchains -A forward -i eth0 -s -j MASQ

    *end of firewall file*

    and here is my rc.local file setup

    # This script will be executed *after* all the other init scripts.
    # You can put your own initialization stuff in here if you don't
    # want to do the full Sys V style init stuff.

    touch /var/lock/subsys/local

    echo "Loading the rc.firewall rules"
    /etc/rc.d/rc.firewall

    *end of file*

    I've read all the manuals and docs that I can and I'm just becoming more confused with the more stuff that I read, as most of the docs that I've found are either too old and don't explain xp or are just too complicated to understand. if anyone can help or if anyone knows of an extremely simple tutorial on how to get redhat 8 and winXP to work with ip-masq, I'd really appreciate it


  2. #2
    Senior Member
    Join Date
    Aug 2001

    sorted out the problem at last... *blushing*

    finally worked out why my ip-masq wasn't working like it should....
    i forgot that i had both computers firewalled, no wonder no data was getting through
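
Added example (not part of the original posts): the rc.firewall in this thread is written for ipchains on 2.1.x/2.2.x kernels, while Red Hat 8 ships a 2.4 kernel whose native packet filter is iptables. The function below prints the equivalent default-deny forwarding and masquerade rules for review and rejects an empty source network; `masq_rules` is a hypothetical helper name, and eth1 as the LAN interface and 192.168.0.0/24 as the LAN range are assumptions.

```shell
#!/bin/sh
# Added example: iptables equivalent of the thread's ipchains MASQ rules.
# Assumptions (not from the thread): eth1 is the LAN-side interface and the
# LAN is 192.168.0.0/24 (the range the script's own comment mentions).

# masq_rules EXT_IF INT_IF LAN_CIDR
# Prints the commands instead of running them, so they can be reviewed first.
masq_rules() {
    ext_if=$1 int_if=$2 lan=$3
    # Conservative validation: lowercase letters, digits and dots only.
    case $ext_if in ''|*[!a-z0-9.]*) echo "bad external interface" >&2; return 1;; esac
    case $int_if in ''|*[!a-z0-9.]*) echo "bad internal interface" >&2; return 1;; esac
    [ "$ext_if" != "$int_if" ] || { echo "interfaces must differ" >&2; return 1; }
    # An empty source (as in "-s -j MASQ") must never reach the rule text.
    echo "$lan" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$' \
        || { echo "bad LAN CIDR: '$lan'" >&2; return 1; }
    cat <<EOF
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -P FORWARD DROP
iptables -F FORWARD
iptables -t nat -F POSTROUTING
iptables -A FORWARD -i $int_if -o $ext_if -s $lan -j ACCEPT
iptables -A FORWARD -i $ext_if -o $int_if -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -o $ext_if -s $lan -j MASQUERADE
EOF
}

# Dry run with the assumed values: only prints, changes nothing.
masq_rules eth0 eth1 192.168.0.0/24
```

Review the output, then pipe it to `sh` as root to apply it. These rules only touch the FORWARD chain and the nat table, so a host firewall on the gateway or on the XP client can still block the traffic, which is what the thread's resolution turned out to be.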
