*** empty log message ***

m_wright 2001-11-21 20:33:02 +00:00
parent ff0b9a4bc3
commit 2a07f7384f
2 changed files with 136 additions and 1 deletions

@ -21,9 +21,17 @@
<contrib>Converted the mini-HOWTO from HTML to Docbook 3.1 (SGML).</contrib>
</othercredit>
<pubdate>2001-11-17</pubdate>
<pubdate>2001-11-21</pubdate>
<revhistory>
<revision>
<revnumber>v0.26</revnumber>
<date>2001-11-21</date>
<authorinitials>mww</authorinitials>
<revremark>
Added a point about the Kernel HOWTO.
</revremark>
</revision>
<revision>
<revnumber>v0.25</revnumber>
<date>2001-11-17</date>
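Review bot: the v0.26 revremark records only "Added a point about the Kernel HOWTO.", but the same commit also changes the NAT command list near line 699 of this file, and the log message is empty, so that change is documented nowhere. Suggest extending the remark to cover it, for example by also naming the change to the masquerading commands.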
@ -436,6 +444,10 @@ heavyweight task ahead of you, but hey, if I could do it so can you!
This is what you'll need to get it working: </para>
<itemizedlist>
<listitem><para>You must have the kernel source installed and
know the procedure for installing and compiling a new kernel.
If this is a problem then read the <ulink url="http://www.linuxdoc.org/HOWTO/Kernel-HOWTO.html">Kernel HOWTO</ulink>.</para></listitem>
<listitem><para>You must be running one of the following
Kernels: 2.3.39, 2.4.0-test4, 2.4.1-pre7, 2.4.7, 2.4.8-pre5.
This is because the PPPoATM patch for the kernel exists patched
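Review bot: the list item about having "the kernel source installed" does not say which source tree, while the item after it limits the supported kernels to 2.3.39, 2.4.0-test4, 2.4.1-pre7, 2.4.7 and 2.4.8-pre5. A reader following the list in order can install and build a tree the PPPoATM patch does not apply to. Suggest either moving the version item first or wording this one as "the source for one of the kernels listed below".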
@ -687,6 +699,7 @@ modularised, if it isnt then no big deal, either ignore the
<para><command>modprobe iptable_nat</command></para>
<para><command>iptables -t nat -F POSTROUTING</command></para>
<para><command>iptables -t nat -A POSTROUTING -o ppp0 -s 10.0.0.0/16 -j MASQUERADE</command></para>
<para><command>echo 1 > /proc/sys/net/ipv4/ip_forward</command></para>
<para> Change the <option>ppp0</option> and/or the
<option>10.0.0.0/16</option> for your relevant network settings and
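Review bot: the line "echo 1 > /proc/sys/net/ipv4/ip_forward" turns on routing between all interfaces, yet the commands shown only load iptable_nat and flush and fill the nat POSTROUTING chain; nothing visible here sets a FORWARD policy or rule. Suggest adding a sentence, or a pointer to the filtering section, telling the reader to restrict the FORWARD chain (for example, accept traffic from the LAN out of ppp0 and only established or related traffic back) before enabling forwarding. The paragraph that follows also explains only ppp0 and 10.0.0.0/16, so it should say what this line does and that a value written to /proc does not survive a reboot.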

@ -0,0 +1,122 @@
<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook V3.1//EN">
<article>
<artheader>
<title>IPTables HOWTO</title>
<author>
<firstname>Matt</firstname>
<surname>Wright</surname>
<affiliation>
<orgname><ulink url="http://www.consultmatt.co.uk">Matt Wright Consulting</ulink></orgname>
<address>
<email>matt@consultmatt.co.uk</email>
</address>
</affiliation>
</author>
<pubdate>2001-11-21</pubdate>
<revhistory>
<revision>
<revnumber>v0.1</revnumber>
<date>2001-11-21</date>
<authorinitials>mww</authorinitials>
<revremark>
Initial writing began.
</revremark>
</revision>
</revhistory>
<abstract>
<para>
This document describes the main functions of the Netfilter Packet
filter (IPTables) included in the 2.4.x series kernels.
</para>
</abstract>
</artheader>
<sect1 id="intro">
<title>Introduction</title>
<para>
I felt the need to write this HOWTO because of, what I thought, is the poor
level of documentation of implementing Packet Filtering firewalls using the 2.4.x Netfilter packet filter. The HOWTO covers using native IPTables commands (ie. not using the ipchains.o) to implement a packet-filter based firewall and the various supported types of NAT.
</para>
<sect2 id="copyright">
<title>Copyright and License</title>
<para>
This document is Copyright 2001 by Matt Wright. Permission is granted
to copy, distribute and/or modify this document under the terms of
the GNU Free Documentation License, Version 1.1 or any later version
published by the Free Software Foundation; with no Invariant
Sections, with no Front-Cover Texts, and with no Back-Cover Texts. A
copy of the license is available at
<ulink url="http://www.gnu.org/copyleft/fdl.html">http://www.gnu.org/copyleft/fdl.html</ulink>
</para>
<para>Send feedback to
<ulink url="mailto:matt@consultmatt.co.uk"><citetitle>matt@consultmatt.co.uk</citetitle></ulink>.
</para>
</sect2>
<sect2 id="author">
<title>About the author</title>
<para> My name is Matt Wright. I'm 16 year-old student in Blackburn,
Lancashire. I'm a freelance Linux consultant. I am the proud owner of
a Duron 950Mhz (all I could easily afford) with 256MB SDRAM, Voodoo 4
Video Card, ATI All-in-Wonder Pro Video Card. I also have a 266Mhz Cyrix
that runs my USB ADSL connection, of which if you are reading this from
<ulink url="http://www.consultmatt.co.uk">http://www.consultmatt.co.uk</ulink>
you will be using. </para>
<para>
You can find me at <ulink url="http://www.consultmatt.co.uk">www.consultmatt.co.uk</ulink>. Or at <ulink url="mailto:matt@consultmatt.co.uk">matt@consultmatt.co.uk</ulink>.
</para>
</sect2>
<sect2 id="greetz">
<title>Acknowledgements</title>
<para><emphasis>TODO: Insert greetz here</emphasis></para>
</sect2>
</sect1>
<sect1 id="whatis">
<title>What is IPTables</title>
<para>IPtables (known as Netfilter) was written by Paul Russell and the other
members of the <ulink url="http://netfilter.samba.org">Netfiler Project
Team</ulink>. It was meant as a replacement for IPChains that was implemented
in the 2.2.x series kernels. It offers true 1:1 NAT capabilities, Packet
filtering and connection tracking.</para>
<para>One major upshot of this is that due to the implementation of connection
tracking you can allow incoming connections by whether or not they relate to
an established connection. There is still some need for helper modules for
some conenction types. (FTP and IRC at the moment)</para>
</sect1>
<sect1 id="req">
<title>Requirements</title>
<para>You only need a couple of things to get IPTables going, these include:</para>
<itemizedlist>
<listitem><para>A 2.4.x series kernel with the Netfilter modules compiled.
(I will deal with the Netfilter code as modules but feel free to compile
them in and ignore the module information.)</para></listitem>
<listitem><para>The IPTables source code, get it from <ulink
url="http://netfilter.samba.org">The Netfilter Project</ulink>
</para></listitem>
<listitem><para>This HOWTO <emphasis role="strong">does not</emphasis>
cover compiling and/or installing IPTables. Usually this is pre-installed
with a 2.4.x distro and if not then please consult the Netfilter website
for more information.</para></listitem>
</itemizedlist>
</sect1>
</article>
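Review bot: the "whatis" section has two misspellings that will ship in the rendered text, "Netfiler Project Team" and "conenction types", and the "greetz" section is committed with the placeholder "TODO: Insert greetz here". Suggest fixing the spellings and either filling in or dropping the Acknowledgements section until it has content. In the "author" section, "I'm 16 year-old student" is missing an article, and the copyright paragraph ends on the license URL without a full stop. The third item under "Requirements" is a scope statement ("does not cover compiling and/or installing IPTables") rather than a requirement, so it would read better as a paragraph after the list. The abstract also promises a description of "the main functions" of Netfilter, while the file so far contains only the introduction and requirements, which the v0.1 remark "Initial writing began." should make clear to readers.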