linux Firewall with webmin

can someone point me to how to setup my port redirects with webmin on iptables

im in need of forwarding my internal lan port 80 to port 3128 to squid for transparent proxy

any help would be great. or if possible how could i setup so i wouldnt need squid and my computers could just go out the internet to www.google.com and return?

im using fedora core 5 and webmin with iptables.
my two ethernet cards are

eth0      Link encap:Ethernet  HWaddr 00:07:E9:D7:FC:4A
          inet addr:192.168.99.10  Bcast:192.168.99.255  Mask:255.255.255.0
          inet6 addr: fe80::207:e9ff:fed7:fc4a/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1465992 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1926162 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:201943353 (192.5 MiB)  TX bytes:1609675194 (1.4 GiB)

eth1      Link encap:Ethernet  HWaddr 00:07:E9:D7:FC:4B
          inet addr:68.236.*.*  Bcast:68.236.1*.*  Mask:255.255.255.0
          inet6 addr: fe80::207:e9ff:fed7:fc4b/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:7814875 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8300252 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:3615322993 (3.3 GiB)  TX bytes:2394278076 (2.2 GiB)
LVL 1
aot2002Asked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
giltjrConnect With a Mentor Commented:
Do you have the Linux box setup to do IP routing/forwarding?

if you want to remove Squid from the picture then at a minumum you need to have the Linux box setup to do IP forwarding.

I would suggest that you use Squid as it can reduce traffic on your Internet connection.  Squid will cache static web pages and so if multiple people go to the same site, the page (or information on the pages) are only transmitted over the Internet once.  Squid also allows you to filter the sites you are going to.

Issue the command "cat /proc/sys/net/ipv4/ip_forward"  if you get back "1", then you are setup for IP forwarding, if you get back a "0" or "file does not exist", then you are not setup for IP forwarding.  To setup ipforwarding you can issue the command "echo  1>/proc/sys/net/ipv4/ip_forward"

The link I gave you is fairly simple, but it not based on Webmin.  You might be able to go to the Webmin site and see if they have simple instructions.

If you really do not want to use Squid, you will need to use IP address masqurading.  You can follow the information located here to help you get on your way:

http://www.linuxhelp.net/guides/ipmasq24/
0
 
pablouruguayCommented:
i dont know in webmin but in text mode check this
http://lists.netfilter.org/pipermail/netfilter/2004-December/057512.html
0
 
aot2002Author Commented:
thanks but i already have text instructions
need webmin please

anyone else?
0
Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

 
giltjrCommented:
I am confused.  Do you want squid to do transparent proxy or do you not want to use squid?

Transparent proxy:

     http://tldp.org/HOWTO/TransparentProxy.html


If you do not want to use Squid (which I think using Squid is a good idea) you need to give us more information on your setup.  You may or may not just need to setup address Masquerading.

When in doubt, look at the config in Webmin (don't forget to view packet alteration and nat tables), follow the text instructions, then look the the config in Webmin again and see what the difference is.
0
 
aot2002Author Commented:
ok basically what im trying to do is setup my two nic cards in my linux machine as a router

one to be my lan with DHCP
and one to be my WAN with NAT block

the trouble is i setup this and my computers dont seem to get to the net. only through squid they can i thought i'd setup squid through port 80 so it was transparent on the lan side but alot of other programs dont relay information back and forth from my linux firewall
even programs that established a connection from the lan side seem to not be able to get results back.
it could also be a routing issue.
i was hoping someone has done this before with simple basic instructions to get me started
0
 
aot2002Author Commented:
cat /proc/sys/net/ipv4/ip_forward
0

echo  1>/proc/sys/net/ipv4/ip_forward
-bash: echo: write error: Invalid argument

[root@ ~]# echo  1 >/proc/sys/net/ipv4/ip_forward

[root@ ~]# cat /proc/sys/net/ipv4/ip_forward
1


now reading link
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.