ipchains problem

[pfarrar at learningco.com (Peter Farrar)]

     I'm not sure.  I don't have any reference readily available.  But I 
     believe the -P in '/sbin/ipchains -P forward DENY' is for Purge.  So 
     everything preceding this line will be lost.  Try putting this line in 
     the front of your script.  Remember that your ipchains rules will be 
     executed in the order you declare them,
     
     Peter


______________________________ Reply Separator _________________________________
Subject: ipchains problem
Author:  Frank Ramsay <fjr at marsdome.penguinpowered.com> at INTERNET
Date:    04/15/2000 9:23 PM


After upgrading to my dual CPU and having various problems I decided to 
re-install RedHat 6.1.  Well this solved all the problems except one.  My 
ipchains no longer work.  The internal network appears fine (my Win95 box 
can ping the internal card on the Linux box and see the samba shares).
I ran a few basic check, the Linux machine can ping the windows one,
The win95 machine can ping the _internal_ network card on the Linux box. 
The win95 machine cannot ping the _external_ network card on the Linux box.
     
eth0 is my external network card
90.0.0.x is my internal network (that worked fine before the upgrade) 
The kernel is 2.2.12-20smp
Here is the script, I don't see anything wrong with it.  
     
--- begin include ---
     
/sbin/depmod -a 
/sbin/modprobe ip_masq_ftp 
/sbin/modprobe ip_masq_raudio 
/sbin/modprobe ip_masq_irc 
echo "1" > /proc/sys/net/ipv4/ip_forward 
echo "1" > /proc/sys/net/ipv4/ip_dynaddr 
     
/sbin/ipchains -M -S 7200 10 160 
/sbin/ipchains -A input -j ACCEPT -i eth0 -s 0/0 67 -d 0/0 68 -p udp 
/sbin/ipchains -P forward DENY 
/sbin/ipchains -A forward -s 90.0.0.0/24 -j MASQ 
     
--- end include ---
     
Any ideas?
     
                        -fjr
-- 
Frank J. Ramsay
fjr at marsdome.penguinpowered.com
     
-
Subcription/unsubscription/info requests: send e-mail with 
"subscribe", "unsubscribe", or "info" on the first line of the 
message body to discuss-request at blu.org (Subject line is ignored).
-------------- next part --------------
Received: from eagle.fremont.learningco.com ([206.5.54.10]) by
mail.learningco.com with SMTP
  (IMA Internet Exchange 3.12) id 0005A810; Sat, 15 Apr 2000 18:46:50 -0700
Received: from fremont.learningco.com ([12.16.192.116]) by
eagle.fremont.learningco.com
          via smtpd (for mail.learningco.com [206.5.52.32]) with SMTP; 16 Apr
2000 01:44:07 UT
Received: from tarnhelm.blu.org (tarnhelm.blu.org [207.31.228.20])
	by fremont.learningco.com (8.9.3/8.8.7) with ESMTP id RAA23144
	for <pfarrar at learningco.com>; Sat, 15 Apr 2000 17:43:11 -0700
Received: (from majordom at localhost)
	by tarnhelm.blu.org (8.9.3/8.9.3) id VAA32354
	for discuss-outgoing; Sat, 15 Apr 2000 21:33:14 -0400
Received: from marsdome.penguinpowered.com
(IDENT:root at r93aag001561.sbo-smr.ma.cable.rcn.com [146.115.122.40])
	by tarnhelm.blu.org (8.9.3/8.9.3) with ESMTP id VAA32351
	for <discuss at Blu.Org>; Sat, 15 Apr 2000 21:33:08 -0400
Received: from localhost (localhost [[UNIX: localhost]])
	by marsdome.penguinpowered.com (8.9.3/8.8.7) id VAA02116
	for discuss at Blu.Org; Sat, 15 Apr 2000 21:34:22 -0400
From: Frank Ramsay <fjr at marsdome.penguinpowered.com>
To: discuss at Blu.Org
Subject: ipchains problem
Date: Sat, 15 Apr 2000 21:23:40 -0400
X-Mailer: KMail [version 1.0.28]
Content-Type: text/plain
MIME-Version: 1.0
Message-Id: <00041521342200.02070 at marsdome.penguinpowered.com>
Content-Transfer-Encoding: 8bit
Sender: owner-discuss at Blu.Org
Precedence: bulk
X-List-Info: discuss at blu.org; Majordomo 1.94.4
X-Sender: Frank Ramsay <fjr at marsdome.penguinpowered.com>