Re: [SLUG] Networking Linux Box and Win98 - Help!

From: Russell Hires (rhires@earthlink.net)
Date: Tue Apr 30 2002 - 22:03:48 EDT


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tuesday 30 April 2002 18:07 pm, you wrote:
> On Tuesday 30 April 2002 04:48 pm, you wrote:
> > No, not necessarily. I thought I'd had it figured out, too. The PPPoE
> > config script has a specific option for none vs. standalone vs.
> > masquerade that you have to choose during configuration. If it's running
> > just fine using the standalone option, then it has been figured out that
> > it works, but it won't do the masqerading part. The script sets up a file
> > called pppoe.conf, and that should tell which of the three options we're
> > dealing with.
>
> Russell,
>
> I think you might be on to something here. I am running RH 7.2 with the
> 2.4 Kernel. I got the rp-pppoe from Roaring Penguin and it is working fine
> for JUST the Linux box. I don't remember any choices about masquerading
> when I installed it, but if you could help get me zeroed in on that it may
> help me fix this.
"adsl-setup" is what you want to use from the pppoe package. At one point in
the configuration, you should come up with this:
FIREWALLING

Please choose the firewall rules to use. Note that these rules are
very basic. You are strongly encouraged to use a more sophisticated
firewall setup; however, these will provide basic security. If you
are running any servers on your machine, you must choose 'NONE' and
set up firewalling yourself. Otherwise, the firewall rules will deny
access to all standard servers like Web, e-mail, ftp, etc. If you
are using SSH, the rules will block outgoing SSH connections which
allocate a privileged source port.

The firewall choices are:
0 - NONE: This script will not set any firewall rules. You are responsible
          for ensuring the security of your machine. You are STRONGLY
          recommended to use some kind of firewall rules.
1 - STANDALONE: Appropriate for a basic stand-alone web-surfing workstation
2 - MASQUERADE: Appropriate for a machine acting as an Internet gateway
                for a LAN
This is from version 3.0 of the pppoe client software. There's also a gui
client setup, if you prefer that.
> I have tried about 20 times to use line command based on
> the various fixes I have been told about and I haven't gotten anywhere.
> Honestly, when it comes to doing it that way I have ABSOLUTELY NO IDEA what
> I am doing.
That's okay. Keep poking around and you'll know just enough to be dangerous.
(Just like me! :-D)
> It's like a guy with a private pilots license trying to land a
> 747.
I'm being told by air traffic control exactly what to do....
> I DID find and interesting firewall GUI thing that might help. I think its
> part of KDE. It's comes up as "firewall-config" and has all kinds of stuff
> about chains, masquerading, forwarding, and ... post nasal drip. So, maybe
> this is the gadget I need to deal with. Certainly, its less scary than the
> prompt! If it would help I could throw you some screenshots so you could
> see what I'm looking at. I can find NO documentation for this interface at
> all. I think its new.
>
> Bob
I'm not too impressed with any of the gui tools that I've seen, which are
supposed to make firewalling easier. So far I've seen that the only thing
they do is make it easier to break things! The one firewall tool that I love
is at a website: http://www.linux-firewall-tools.com/linux/firewall/index.html
It creates a firewall script for you. You just answer the questions about
what you do and don't want.

Are we getting there? I still think that firewalls are long and arduous,
hopefully I'm helping you out here!

Russell
- --
Linux -- the OS for the Renaissance Man
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8z00FAqKGrvVshJQRAo6wAKDJErGref9NRktM7kiaRWfgCK5ClQCeIBRO
NNf3qtESzPnWIf3zt5dt+hw=
=Y02j
-----END PGP SIGNATURE-----



This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 16:39:23 EDT