Freakin' Firewall!!!!

Hi guys,

I'm having endless battles over here.

I've been trying to setup firestarter on a computer to serve as a
router. The computer has two nics, eth0 which is connected to a switch
(which connects 2 other computers), and eth1 which connects directly to
my DSL modem.

eth1 is setup correctly, using DHCP. No problems there. I can access
the internet and such without troubles.

eth0 is setup as:
ip: 192.168.0.1
sub: 255.255.255.0
gateway: nothing
dns server: same that router uses

I have dhcp-server installed for the 192.168.0.0 subnet, with a range
of .2 - 254.

The computers on my network can be assigned ip addresses from my
dhcp-server no problem, except they cannot connect to the Internet.
They can ping the router fine though.

Anyhow, here's where the problem lies - but I don't know how to fix it
or what's wrong.
On the router, as I go through the firestarter wizard and do the
following:
1) Select eth1 as the Internet connection, and enable DHCP.
2) Select eth0 as the internal network, and enable Internet Connection
Sharing. What weird at this point is how the option to enable DHCP is
disabled.
3) Enable "Start the firewall" and click save.

Result:
Failed to start the firewall: An known error occured. Please check your
network device settings and make sure your Internet connection is
active. What weird about this though, is that the firewall IS running.

Anyhow, to get rid of the error message I disable Internet connection
sharing - but that's what I want and need!

Please guys, I have working on this for days but I am just going around
in circles.

I look forward to any replies,
Mike

> Failed to start the firewall: An known error occured. Please check your
>network device settings and make sure your Internet connection is
>active. What weird about this though, is that the firewall IS running.

Progress! I'm using Ubuntu, which uses dhcp3-server for an init script.
I just created a symlink to dhcpd and no more error message.

>The computers on my network can be assigned ip addresses from my
>dhcp-server no problem, except they cannot connect to the Internet.
>They can ping the router fine though.

I had to create an outbound rule for HTTP for the LAN. I thought that
adding a rule for HTTP for the firewall woudl work, because isn't that
the point of using NAT - having the computers on the network using the
router's ip?

Thanks,
Mike!

On 2005-12-23, Cyphos <(E-Mail Removed)> wrote:
>> Failed to start the firewall: An known error occured. Please check your
>>network device settings and make sure your Internet connection is
>>active. What weird about this though, is that the firewall IS running.
>
> Progress! I'm using Ubuntu, which uses dhcp3-server for an init script.
> I just created a symlink to dhcpd and no more error message.
>
>>The computers on my network can be assigned ip addresses from my
>>dhcp-server no problem, except they cannot connect to the Internet.
>>They can ping the router fine though.
>
> I had to create an outbound rule for HTTP for the LAN. I thought that
> adding a rule for HTTP for the firewall woudl work, because isn't that
> the point of using NAT - having the computers on the network using the
> router's ip?


I think you would do well to have a look at this:
http://iptables-tutorial.frozentux.n...s-tutorial.htm

RW

--

http://rlworkman.net