Re: Howto: Set up Ubuntu as a firewall/gateway router with webmin
Hi! My setup is up and running now, including portforwarding.
Well I agree, its not that intuitive and there are some hurdles.
I´m not sure where to start or if it´s necssary, since the howto is pretty straightforward. Shout otherwise I´m glad to help if I can.
Re: Howto: Set up Ubuntu as a firewall/gateway router with webmin
Quote:
Originally Posted by
ions
It's now working. I deleted the IPs from Webmin and restarted the two Ubuntu machines and now they're working well. No idea what that was about as I had restarted the machines nearly a dozen times already.
Any chance somebody knows of a thorough howto on adding IPtable rules in Webmin? I'm staring at a page full of fields and buttons and no idea what to do with them.
The easiest way to configure iptables is to just learn how it works.
Read the wikipedia page on it and maybe the man pages, and make sure you understand what chains, tables and rules are. Also look at the big diagram linked in the howto. Once you actually understand iptables, configuring it is easy.
Sam
Re: Howto: Set up Ubuntu as a firewall/gateway router with webmin
Hi all,
first of all, thanks Sammydee for a great guide.
I followed it, right up until setting the rules for NAT (i am behind a modem/router which provides me with firewall.
So, i enabled the firewall, and left all the rules blank, with default to 'accept'.
Everything seems to be working peachy except one thing. I can't seem to access my ubuntu machine from the eth_BAD interface.
my network is set up like this
ADSL Modem/Router
- PC 1
- Ubuntu PC (Router)
-PC 2 (via switch)
Where pc1 and Ubuntu pc are plugged directly into the adsl modem/router, and PC 2 is behind the Ubuntu Router. I can access external websites and servers running on the ubuntuPC, so I know it's doing it's routing job fine, but when i try to access the servers running on the ubuntuPC from pc1, it just keeps timing out.
... oh.. and to make matters more interesting...
I was trying (previously) to access the ubuntPC directly (i.e. ssh 192.168.0.73)... no luck
but if i do it through the dyndns i've registered, w/ port forwarding on my modem/router.... it works.
argh!
Any ideas?
Re: Howto: Set up Ubuntu as a firewall/gateway router with webmin
also fyi
i've noticed i can't seem to connect to an external website from within the router (e.g using apt-get)
my error is:
Code:
Err http://au.archive.ubuntu.com hardy/main lynx 2.8.6-2ubuntu2
Could not resolve 'au.archive.ubuntu.com'
Failed to fetch http://au.archive.ubuntu.comubuntu/pool/main/l/lyn.....
Code:
$ping www.google.com
ping: unknown host www.google.com
... so yeah.. i just find this odd.
to summarize... I have NAT turned on (no rules, allow all) and this is what I network reponse
From behind my Ubuntu Router, everything seems to be working fine
From within my router, I cannot access the outside world
From outside router, PC 1 (which is the same 'level' as the ubuntu router) cannot access the UbuntuRouter on Eth_BAD (192.168.0.73, as assigned by the modem/router's DHCP)
Re: Howto: Set up Ubuntu as a firewall/gateway router with webmin
Makes sure every rule in every chain is set to allow by default.
Can you ping 4.2.2.1? It might be a dns issue...
Sam
Re: Howto: Set up Ubuntu as a firewall/gateway router with webmin
I just checked my webmin thingo, NAT, Packet Filter and Packet Alteration were all defaulting to 'accept'... so I don't think that's the problem.
i did a ping 4.2.2.1 from webmin...
Code:
> ping -c 3 4.2.2.1
PING 4.2.2.1 (4.2.2.1) 56(84) bytes of data.
64 bytes from 4.2.2.1: icmp_seq=1 ttl=52 time=197 ms
64 bytes from 4.2.2.1: icmp_seq=2 ttl=52 time=197 ms
64 bytes from 4.2.2.1: icmp_seq=3 ttl=52 time=197 ms
--- 4.2.2.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 197.279/197.617/197.910/0.259 ms
I'm not exactly sure what server I pinged, but that was the result.
Oh.. and just incase it helps here's my /etc/network/interfaces
Code:
> cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo eth0 eth1
iface lo inet loopback
# The primary network interface
iface eth0 inet dhcp
post-up iptables-restore < /etc/iptables.up.rules
iface eth1 inet static
address 192.168.0.1
netmask 255.255.255.0
broadcast 192.168.0.255
network 192.168.0.0
And results from ifconfig
Code:
> ifconfig
eth0 Link encap:Ethernet HWaddr 00:1f:d0:10:1b:0c
inet addr:192.168.0.73 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::21f:d0ff:fe10:1b0c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3328 errors:0 dropped:3251036199 overruns:0 frame:0
TX packets:1301 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:281793 (275.1 KB) TX bytes:679978 (664.0 KB)
Interrupt:221 Base address:0x4000
eth1 Link encap:Ethernet HWaddr 00:e0:4c:12:ad:03
inet addr:192.168.0.1 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Interrupt:18 Base address:0x6000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:50 errors:0 dropped:0 overruns:0 frame:0
TX packets:50 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:4470 (4.3 KB) TX bytes:4470 (4.3 KB)
I'm not sure if it's useful or not, but .... yeah.... it'd be cool to get this working.
Thanks Sammydee
Re: Howto: Set up Ubuntu as a firewall/gateway router with webmin
Great guide!
But I ran into some problems:
Code:
* Starting DHCP server dhcpd3 [fail]
I think it have something to do with this:
Code:
No subnet declaration for eth2:avahi (0.0.0.0).
** Ignoring requests on eth2:avahi. If this is not what
you want, please write a subnet declaration
in your dhcpd.conf file for the network segment
to which interface eth2:avahi is attached. **
eth2:avahi is my card that I connect to my switch.
This is the second day I use Linux btw :)
Thanks again!
Re: Howto: Set up Ubuntu as a firewall/gateway router with webmin
Quote:
Originally Posted by
destructogus
I just checked my webmin thingo, NAT, Packet Filter and Packet Alteration were all defaulting to 'accept'... so I don't think that's the problem.
i did a ping 4.2.2.1 from webmin...
Code:
> ping -c 3 4.2.2.1
PING 4.2.2.1 (4.2.2.1) 56(84) bytes of data.
64 bytes from 4.2.2.1: icmp_seq=1 ttl=52 time=197 ms
64 bytes from 4.2.2.1: icmp_seq=2 ttl=52 time=197 ms
64 bytes from 4.2.2.1: icmp_seq=3 ttl=52 time=197 ms
--- 4.2.2.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 197.279/197.617/197.910/0.259 ms
Internet connectivity is working fine, you just have no dns server set up.
You need to go into webmin, then networking, network configuration and click hostname and dns client.
You need to tell it some dns servers, best to use the dns servers your isp gve you. If you don't use these, you can use opendns, or I like to use the level3 dns servers 4.2.2.1 and 4.2.2.2. These are anycast and are always very fast and accurate. This should fix your dns problem on the router.
As for your other problem, what network service are you trying to connect to? It may be bound to a specific ethernet device?
Sam
Re: Howto: Set up Ubuntu as a firewall/gateway router with webmin
Quote:
Originally Posted by
sykostig
Great guide!
But I ran into some problems:
Code:
* Starting DHCP server dhcpd3 [fail]
I think it have something to do with this:
Code:
No subnet declaration for eth2:avahi (0.0.0.0).
** Ignoring requests on eth2:avahi. If this is not what
you want, please write a subnet declaration
in your dhcpd.conf file for the network segment
to which interface eth2:avahi is attached. **
eth2:avahi is my card that I connect to my switch.
This is the second day I use Linux btw :)
Thanks again!
From the looks of things you have failed to specify which subnet the dhcp server should broadcast on. Follow through the dhcp section of my howto again making sure you fill in every box. Try looking at the screenshots and checking that your configuration matches.
Sam
Re: Howto: Set up Ubuntu as a firewall/gateway router with webmin
Hey there, thank you so much for the guide!
I have followed every step exactly, save for the part in the command prompt at the beginning, when you said to press "ctrl + O" in order to save it. This was not the option for me, instead it was to overwrite it. I just decided to exit, unable to find the save feature, could this be why I have not found success?
I am trying to use this Ubuntu based pc to authenticate my school's network, then pass the internet onto my wireless router.
I have tried to test the connection by plugging my second network adapter (usb linksys) directly into my laptop (vista). I seemt o connect to the network w/o a problem, (it is called "linksys 3"), but it is local only. I can't seem to see the ubuntu PC either. No luck plugging to into the internet port on my router either.
Any suggestions would be awesome, I really appreciate it!
- Matt