Hej
Ja, så vender jeg tilbage med mit problem om guidedog.
Hvis jeg bruger SuSE8's firewall2 virker alt som det skal, også
Java/homebank på min winxp browser, men jeg kunne godt tænke mig at bruge
guarddog som firewall, det kræver bare at routningen sættes op først, og der
kan man så bruge guidedog, men bruger jeg guidedog, virker min Java/homebank
ikke...????
Her er det script som guidedog bruger, er der en der kan se hvad der skal
ændres så det kommer til at virke..
#!/bin/sh
## [Guidedog]
# DO NOT EDIT!
# This script was generated by "Guidedog" by Simon Edwards
#
http://www.simonzone.com/software/guidedog/ This script requires Linux
# kernel 2.4.x and iptables.
#
# [Description]
#
# [Config]
# DISABLED=0
# ROUTING=1
# MASQUERADE=1
# MASQUERADEFTP=1
# MASQUERADEIRC=1
# [End]
# Real code starts here
# If you change the line below then also change the # DISABLED line above.
DISABLE_GUIDEDOG=0
if [ $DISABLE_GUIDEDOG -eq 0 ]; then
# Set the path
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/sbin
if test -z $GUIDEDOG_VERBOSE; then
GUIDEDOG_VERBOSE=0
fi;
logger -p auth.info -t guidedog Configuring routing now.
[ $GUIDEDOG_VERBOSE -eq 1 ] && echo "Resetting routing rules."
# Shut down routing
echo 0 > /proc/sys/net/ipv4/ip_forward 2> /dev/null
iptables -t nat -P PREROUTING DROP
iptables -t nat -P POSTROUTING DROP
iptables -t nat -P OUTPUT DROP
# Delete any existing chains
iptables -t nat -F
iptables -t nat -X
# Enable/disable routing
[ $GUIDEDOG_VERBOSE -eq 1 ] && echo "Enabling routing."
echo 1 > /proc/sys/net/ipv4/ip_forward 2> /dev/null
[ $GUIDEDOG_VERBOSE -eq 1 ] && echo "Loading kernel modules."
modprobe iptable_nat
modprobe ip_nat_ftp
modprobe ip_nat_irc
[ $GUIDEDOG_VERBOSE -eq 1 ] && echo "Inserting masquerade rules."
iptables -t nat -N fromprivate
# Packets from the private IP range to another private IP range are
untouched.
iptables -t nat -A fromprivate -d 192.168.0.0/24 -j ACCEPT
iptables -t nat -A fromprivate -d 172.16.0.0/12 -j ACCEPT
iptables -t nat -A fromprivate -d 10.0.0.0/8 -j ACCEPT
# Packets that get here are from the private address range
# and are trying to get out to the internet. We NAT them.
iptables -t nat -A fromprivate -j MASQUERADE
# Siphon off any packets that are from the private IP range.
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j fromprivate
iptables -t nat -A POSTROUTING -s 172.16.0.0/12 -j fromprivate
iptables -t nat -A POSTROUTING -s 10.0.0.0/8 -j fromprivate
# packets that get here can just hit the default policy.
iptables -t nat -P PREROUTING ACCEPT
iptables -t nat -P POSTROUTING ACCEPT
iptables -t nat -P OUTPUT ACCEPT
[ $GUIDEDOG_VERBOSE -eq 1 ] && echo "Finished."
fi;
Håber der er en der kan/vil hjælpe mig.
Mvh Jan