Welcome to Linux Knowledge Base and Tutorial
"The place where you learn linux"

 Create an AccountHome | Submit News | Your Account  

Tutorial Menu
Linux Tutorial Home
Table of Contents

· Introduction to Operating Systems
· Linux Basics
· Working with the System
· Shells and Utilities
· Editing Files
· Basic Administration
· The Operating System
· The X Windowing System
· The Computer Itself
· Networking
· System Monitoring
· Solving Problems
· Security
· Installing and Upgrading
· Linux and Windows

Man Pages
Linux Topics
Test Your Knowledge

Site Menu
Site Map
Copyright Info
Terms of Use
Privacy Info
Masthead / Impressum
Your Account

Private Messages

News Archive
Submit News
User Articles
Web Links


The Web

Who's Online
There are currently, 63 guest(s) and 0 member(s) that are online.

You are an Anonymous user. You can register for free by clicking here

Linux Knowledge Base and Tutorial: Forums

Linux Tutorial :: View topic - IPChains / Masquerading
 Forum FAQForum FAQ   SearchSearch   UsergroupsUsergroups   ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

IPChains / Masquerading

Post new topic   Reply to topic    Linux Tutorial Forum Index -> How To
View previous topic :: View next topic  
Author Message

Joined: Nov 12, 2003
Posts: 2

PostPosted: Wed Nov 12, 2003 4:27 pm    Post subject: IPChains / Masquerading Reply with quote

I currently have a RedHat 6 box running as an internet server / firewall using a basic ipchains script:

/sbin/ipchains -F
/sbin/ipchains -X
/sbin/ipchains input ACCEPT
/sbin/ipchains forward DENY

/sbin/ipchains -A forward -s -j MASQ
/sbin/ipchains -A input -p tcp -s 0/0 -d 0/0 515 -j DENY
/sbin/ipchains -A input -p tcp -s 0/0 -d 0/0 6000 -j DENY
/sbin/ipchains -M -S 7200 0 0

A friend gave me the script and files, I set it up and started it from the rc.local on boot and all was fine.

Ive recently upgraded my computer - and built a new one from the old bits, I plan to make this my new firewall / internet gateway.

Ive tried these scripts but get various errors like "ipchains: Protocol not available" and "ipchains: incompatible with this kernel".

I guess this is too old for RedHat 9 (which I have installed on this new server - like a week before they announced it was to end!!!). Either way, doesnt bother me much as I am likely to leave it for 2-3 years once set up!

[b]The big question is then:[/b]

Is there a better program / script out there available which can be used on RH9? Will it act as a basic firewall, and act as a default gateway to the internet using IP Masquerading or something similar to allow local machines on my LAN to access the internet through a single machine (which is connected to a 56k modem Sad ).

Or is this script fine with a few modifications - if so what do I need to install to get it working again!

Many thanks for the help provided

[BTW, im another one of them CertForums guys looking further afield for help on Linux!!!]
Back to top
View user's profile Send private message

Joined: Nov 21, 2003
Posts: 1

PostPosted: Fri Nov 21, 2003 10:31 pm    Post subject: Reply with quote


ipchains hav been replaced with much powerful firewall IPTABLES which is by far more advanced than ipchains.

use the following in ur rc.local to MASQ :

echo 1 > /proc/sys/net/ipv4/ip_forward

iptables -A input -p tcp -s 0/0 -d 0/0 --dport 515 -j REJECT

iptables -t nat -A input POSTROUTING -s 0/0 (source ips) -d 0/0 (destination) -j MASQUERADE

hope it helps Smile ... ask if u need more ..i`ll b happy to help
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Linux Tutorial Forum Index -> How To All times are GMT
Page 1 of 1


Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Powered by phpBB © 2001-2007 phpBB Group



Security Code
Security Code
Type Security Code

Don't have an account yet? You can create one. As a registered user you have some advantages like theme manager, comments configuration and post comments with your name.

Help if you can!

Amazon Wish List

Did You Know?
You can help in many different ways.


Tell a Friend About Us

Bookmark and Share

Web site powered by PHP-Nuke

Is this information useful? At the very least you can help by spreading the word to your favorite newsgroups, mailing lists and forums.
All logos and trademarks in this site are property of their respective owner. The comments are property of their posters. Articles are the property of their respective owners. Unless otherwise stated in the body of the article, article content (C) 1994-2013 by James Mohr. All rights reserved. The stylized page/paper, as well as the terms "The Linux Tutorial", "The Linux Server Tutorial", "The Linux Knowledge Base and Tutorial" and "The place where you learn Linux" are service marks of James Mohr. All rights reserved.
The Linux Knowledge Base and Tutorial may contain links to sites on the Internet, which are owned and operated by third parties. The Linux Tutorial is not responsible for the content of any such third-party site. By viewing/utilizing this web site, you have agreed to our disclaimer, terms of use and privacy policy. Use of automated download software ("harvesters") such as wget, httrack, etc. causes the site to quickly exceed its bandwidth limitation and are therefore expressly prohibited. For more details on this, take a look here

PHP-Nuke Copyright © 2004 by Francisco Burzi. This is free software, and you may redistribute it under the GPL. PHP-Nuke comes with absolutely no warranty, for details, see the license.
Page Generation: 0.09 Seconds