Jim Fischer pravi:
> "Matt H" <nntp@cox.net> wrote in message
> news:pan.2003.09.21.17.46.32.292339@cox.net...
>
>>It doesn't look like you have enabled IP Masquerading on the RH9 machine.
>
> Go to:
>
>>http://en.tldp.org/HOWTO/IP-Masquerade-HOWTO/
>>-or-
>>http://tinyurl.com/o4sl
>
>
> See also section 4.1 in the "Linux 2.4 NAT HOWTO" at,
>
> http://www.netfilter.org/documentation/HOWTO/NAT-HOWTO.html
>
> n.b. In your (the OP's) particular case, you need to specify 'eth0' as the
> output interface, and not 'ppp0' as specified in the HOWTO, i.e.,
>
> iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
>
The easiest way to setup firewall and router is to install Firestarter
http://firestarter.sourceforge.net . It is GUI program, very easy to
setup and to customize.

In article <bkmjgd$jta$1@planja.arnes.si>, sasa@stupar.homelinux.net
says...
> Jim Fischer pravi:
> > "Matt H" <nntp@cox.net> wrote in message
> > news:pan.2003.09.21.17.46.32.292339@cox.net...
> >
> >>It doesn't look like you have enabled IP Masquerading on the RH9 machine.
> >
> > Go to:
> >
> >>http://en.tldp.org/HOWTO/IP-Masquerade-HOWTO/
> >>-or-
> >>http://tinyurl.com/o4sl
> >
> >
> > See also section 4.1 in the "Linux 2.4 NAT HOWTO" at,
> >
> > http://www.netfilter.org/documentation/HOWTO/NAT-HOWTO.html
> >
> > n.b. In your (the OP's) particular case, you need to specify 'eth0' as the
> > output interface, and not 'ppp0' as specified in the HOWTO, i.e.,
> >
> > iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
> >
> The easiest way to setup firewall and router is to install Firestarter
> http://firestarter.sourceforge.net . It is GUI program, very easy to
> setup and to customize.
>
>
OK, here's what I've done so far.

I created a new line in '/etc/rc.d/rc.local' stating:
'/etc/rc.d/rc.ipmasq'

I then created the file '/etc/rc.d/rc.ipmasq' that states:
---------------------------------
#!/bin/sh
IPTABLES=/sbin/iptables

#All The lines below are NAT routing

# flush any old rules
$IPTABLES -F -t nat

# turn on NAT (IP masquerading for outgoing packets). Eth0 is the
internet NIC, eth1 is the network.
$IPTABLES -A POSTROUTING -t nat -o eth0 -j MASQUERADE

# enable IP forwarding (of incoming packets)
echo 1 > /proc/sys/net/ipv4/ip_forward
---------------------------------

I've CHMOD 755 the script and I then evoke it from shell using
'/etc/rc.d/rc.ipmasq'.

My clients can ping the host (192.168.0.1) and the host can ping them
whether I use DHCP for IP addressing or force the IP addresses
(192.168.0.2, etc...). I don't know the pri/sec DNS address for my ISP
but I'm not sure this really matters.

I still cannot access the internet from the clients (cannot ping any
external addresses). When I log out its apparent that the Linux machine
had switched on IP forwarding (since it shows it closing down). What
I'm I missing here? Is it the lack of DNS entries? Is '$iptables' the
correct syntax?

Am I getting warmer?
--
Sti©ky
sti©kybill@hotmail.com
(amend the © if replying by e-mail)

Success. I added the DNS addresses and now it works.

Thanks all.
--
Sti©ky
sti©kybill@hotmail.com
(amend the © if replying by e-mail)