On Tue, 4 Mar 2003 02:38:35 +0100 horrorvacui@xxxxxxx wrote: <snip> > I use masquerading, but I've used the SuSE firewall > scripts to set it up (just changed a no to a yes where it said > "masquerading"), and don't know how much of a help would I be with > setting rules that work. From what I've read about it, it doesn't seem > to be too difficult, it's just adding a firewall rule, only I never did > it myself. It so happens that just now someone has asked a question about just this, and Mike Peters answered it on Linux newbies. It seems to fit perfectly (except that this bloke has 2 NIC's, but hacking the script to fit shouldn't be a problem). Here it is in full: <quote> On Mon, 3 Mar 2003 21:18:16 +0530 "Dr. Dinesh Mhatre" <hightechflav@xxxxxxxx> wrote: > i have one pc with 2 nic running linux and also having access to net > through 1 nic. The other pc has 1 nic and running windows. How do i > access net on windows pc using crossover cable > > Are the 2 nics configured in linux, ie do they both show up when you run ifconfig for example? If so you just need to enable ip masquerading in your firewall (see below) on the linux machine and set the gateway of the windows machine to the ip address of the linux machine. Your firewall script add: #To enable forwarding: echo "1" > /proc/sys/net/ipv4/ip_forward #If you use a dynamic ip: echo "1" > /proc/sys/net/ipv4/ip_dynaddr #ip masq stuff (replace with real values): IPTABLES=/path/to/iptables EXTIF=external interface INTIF=internal interface INTIP=internal ip EXTIP=external ip $IPTABLES -A FORWARD -i $EXTIF -o $INTIF -m state --state \ ESTABLISHED,RELATED -j ACCEPT $IPTABLES -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT $IPTABLES -A FORWARD -j DROP #IPTABLES -t nat -A POSTROUTING -o $EXTIF -j SNAT --to $EXTIP Also check you have the appropriate kernel modules loaded before you run this. The windows stuff is done with one of those fangled GUI things :) </quote> Hope this helps -- Horror Vacui Registered Linux user #257714 Go get yourself... counted: http://counter.li.org/ - and keep following the GNU. To unsubcribe send e-mail with the word unsubscribe in the body to: Linux-Anyway-Request@xxxxxxxxxxxxx?body=unsubscribe