Simple Routing with Redhat 9

 
 
Jimbo Johnes

 
      11-13-2003, 07:54 PM
Greetings,
This has been keeping me awake for 3 days now, so I am turning to you
for help.
My objective is to set up a simple firewall using iptables using RH9
as my gateway. I have 8 ip addresses [5 usable] starting from
64.138.38.42 - 46.
.41 is the ip address of the modem. .47 is the broadcast ip.
I have 2 NICs eth0[external] -64.138.38.42 and 64.138.38.45; gateway =
.41
the other NIC, internal, is 192.168.1.101, with no gateway. I have
routing enabled so the workstations on the internal LAN can browse the
net.
Simple, isn't it?
There are no iptables rules loaded at this time, so anyone is free to
go in and out. The problem is that when I telnet into the firewall .42
and issue wget from the server on the local LAN [.108] to get me a
small image [about 100 bytes] everything is fine, but when the image
size is larger, 10K+, the wget either hangs or is very slow.
I am running snort to log the packets and I see the packets being sent
in and out of the server [.108], but the process never completes.
Anyone had a similar experience? Any ideas what is going on?
I appreciate any help,

misha
 
 
 
 
 
Arsenio Lupin

 
      11-14-2003, 08:21 AM
Jimbo Johnes in (E-Mail Removed) said with great boldness:

[zac]
> My objective is to set up a simple firewall using iptables using RH9
> as my gateway. I have 8 ip addresses [5 usable] starting from
> 64.138.38.42 - 46.
> .41 is the ip address of the modem. .47 is the broadcast ip.
> I have 2 NICs eth0[external] -64.138.38.42 and 64.138.38.45; gateway =
> .41


Why have you set up your LAN with public ip?

I probably would have done this way:
- one NIC with the modem and the public ip - 64.138.38.41
- the second NIC with private ip connected to the hub (I presume) -
192.168.0.1
Then you need to set up your clients with the range of the internal lan
192.168.0.[2;255], same subnet.

Set up your clients with default gateway=192.168.0.1 then the DNS=your_dns.

Now on the server enable ipforward and NAT and MASQUERADE pkts outgoing from
modem with a script at startup that could be:

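##################################
# Enable IPv4 forwarding between the two NICs
echo 1 > /proc/sys/net/ipv4/ip_forward

# Variables
IF_WITH_MODEM=eth0

# Flush existing filter rules and delete user-defined chains
iptables -F
iptables -X
# Masquerade packets leaving through the modem-facing interface
iptables -t nat -A POSTROUTING -o "$IF_WITH_MODEM" -j MASQUERADE
# Drop new inbound TCP connections addressed to the gateway itself
iptables -A INPUT -i "$IF_WITH_MODEM" -p tcp --syn -j DROP
###################################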

Hope this helps.

Bye!
--
>>>>>>>>>>>>>>><<<<<<<<<<<<<<<


Arsenio Lupin


 
 
Ivan Marsh

 
      11-14-2003, 10:19 PM
On Thu, 13 Nov 2003 11:54:37 +0000, Jimbo Johnes wrote:

> Greetings,
> This has been keeping me awake for 3 days now, so I am turning to you for
> help.
> My objective is to set up a simple firewall using iptables using RH9 as my
> gateway. I have 8 ip addresses [5 usable] starting from 64.138.38.42 - 46.
> .41 is the ip address of the modem. .47 is the broadcast ip. I have 2 NICs
> eth0[external] -64.138.38.42 and 64.138.38.45; gateway = .41
> the other NIC, internal, is 192.168.1.101, with no gateway. I have routing
> enabled so the workstations on the internal LAN can browse the net.
> Simple, isn't it?
> There are no iptables rules loaded at this time, so anyone is free to go
> in and out. The problem is that when I telnet into the firewall .42 and
> issue wget from the server on the local LAN [.108] to get me a small image
> [about 100 bytes] everything is fine, but when the image size is larger
> 10K+ the wget either hangs or is very slow. I am running snort to log the
> packets and I see the packets being sent in and out of the server [.108],
> but the process never completes. Anyone had a similar experience? Any ideas
> what is going on? I appreciate any help,
>
> misha


No, but your next problem is going to be the massive denial of service
attack you'll, no doubt, be under for cross-posting and including your IP
address.

--
i.m.
The USA Patriot Act is the most unpatriotic act in American history.

 