Hi Sturmvogel,
Sorry for the delay, but work got in between. I've used the MCC in CLI and GUI mode for internet connection sharing since Mandrake 6.1. In the past I could use the upgrade function to keep my NAT configuration intact.
With the current situation I did a clean install of Mageia 8 as a firewall/router.
Linux kernel 5.15.28-desktop-1.mga8
After the internet connection sharing installation has finished installing Bind, DHCP-server and Squid, I still have an internet connection, which I've never had in secure mode. The local network DHCP works well but no internet.

This is my iptables standard configuration from Mageia 8 internet connection sharing:
iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
Ifw all -- anywhere anywhere
enp1s4_in all -- anywhere anywhere
tun6to4_in all -- anywhere anywhere
enp1s9_in all -- anywhere anywhere
enp31s0_in all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
DROP all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST
DROP all -- anywhere anywhere ADDRTYPE match dst-type ANYCAST
DROP all -- anywhere anywhere ADDRTYPE match dst-type MULTICAST
LOG all -- anywhere anywhere limit: up to 1/sec burst 10 mode srcip LOG level info prefix "INPUT REJECT "
reject all -- anywhere anywhere [goto]
Chain FORWARD (policy DROP)
target prot opt source destination
enp1s4_fwd all -- anywhere anywhere
tun6to4_fwd all -- anywhere anywhere
enp1s9_fwd all -- anywhere anywhere
enp31s0_fwd all -- anywhere anywhere
DROP all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST
DROP all -- anywhere anywhere ADDRTYPE match dst-type ANYCAST
DROP all -- anywhere anywhere ADDRTYPE match dst-type MULTICAST
LOG all -- anywhere anywhere limit: up to 1/sec burst 10 mode srcip LOG level info prefix "FORWARD REJECT "
reject all -- anywhere anywhere [goto]
Chain OUTPUT (policy DROP)
target prot opt source destination
enp1s4_out all -- anywhere anywhere
tun6to4_out all -- anywhere anywhere
enp1s9_out all -- anywhere anywhere
enp31s0_out all -- anywhere anywhere
fw-fw all -- anywhere anywhere
DROP all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST
DROP all -- anywhere anywhere ADDRTYPE match dst-type ANYCAST
DROP all -- anywhere anywhere ADDRTYPE match dst-type MULTICAST
LOG all -- anywhere anywhere limit: up to 1/sec burst 10 mode srcip LOG level info prefix "OUTPUT REJECT "
reject all -- anywhere anywhere [goto]
Chain Ifw (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere match-set ifw_wl src
DROP all -- anywhere anywhere match-set ifw_bl src
IFWLOG all -- anywhere anywhere ctstate INVALID,NEWpsd weight-threshold: 10 delay-threshold: 10000 lo-ports-weight: 2 hi-ports-weight: 1 IFWLOG prefix 'SCAN'
IFWLOG tcp -- anywhere anywhere ctstate NEW tcp dpt:6881IFWLOG prefix 'NEW'
IFWLOG tcp -- anywhere anywhere ctstate NEW tcp dpt:dtspcdIFWLOG prefix 'NEW'
IFWLOG udp -- anywhere anywhere ctstate NEW udp dpt:8881IFWLOG prefix 'NEW'
Chain dynamic (8 references)
target prot opt source destination
Chain enp1s4_fwd (1 references)
target prot opt source destination
sfilter all -- anywhere anywhere [goto]
dynamic all -- anywhere anywhere ctstate INVALID,NEW,UNTRACKED
tcpflags tcp -- anywhere anywhere
loc_frwd all -- anywhere anywhere
Chain enp1s4_in (1 references)
target prot opt source destination
dynamic all -- anywhere anywhere ctstate INVALID,NEW,UNTRACKED
tcpflags tcp -- anywhere anywhere
loc-fw all -- anywhere anywhere
Chain enp1s4_out (1 references)
target prot opt source destination
fw-loc all -- anywhere anywhere
Chain enp1s9_fwd (1 references)
target prot opt source destination
sfilter all -- anywhere anywhere [goto]
dynamic all -- anywhere anywhere ctstate INVALID,NEW,UNTRACKED
tcpflags tcp -- anywhere anywhere
net_frwd all -- anywhere anywhere
Chain enp1s9_in (1 references)
target prot opt source destination
dynamic all -- anywhere anywhere ctstate INVALID,NEW,UNTRACKED
tcpflags tcp -- anywhere anywhere
net-fw all -- anywhere anywhere
Chain enp1s9_out (1 references)
target prot opt source destination
fw-net all -- anywhere anywhere
Chain enp31s0_fwd (1 references)
target prot opt source destination
sfilter all -- anywhere anywhere [goto]
dynamic all -- anywhere anywhere ctstate INVALID,NEW,UNTRACKED
tcpflags tcp -- anywhere anywhere
net_frwd all -- anywhere anywhere
Chain enp31s0_in (1 references)
target prot opt source destination
dynamic all -- anywhere anywhere ctstate INVALID,NEW,UNTRACKED
tcpflags tcp -- anywhere anywhere
net-fw all -- anywhere anywhere
Chain enp31s0_out (1 references)
target prot opt source destination
fw-net all -- anywhere anywhere
Chain fw-fw (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:squid ctorigdstport 80
ACCEPT all -- anywhere anywhere
Chain fw-loc (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
Chain fw-net (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:http owner UID match squid
ACCEPT all -- anywhere anywhere
Chain loc-fw (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:squid ctorigdstport 80
ACCEPT all -- anywhere anywhere
Chain loc-net (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
Chain loc_frwd (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
loc-net all -- anywhere anywhere
loc-net all -- anywhere anywhere
Chain logdrop (0 references)
target prot opt source destination
DROP all -- anywhere anywhere
Chain logflags (7 references)
target prot opt source destination
LOG all -- anywhere anywhere limit: up to 1/sec burst 10 mode srcip LOG level info ip-options prefix "logflags DROP "
DROP all -- anywhere anywhere
Chain logreject (0 references)
target prot opt source destination
reject all -- anywhere anywhere
Chain net-fw (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere multiport dports 6881,dtspcd
ACCEPT udp -- anywhere anywhere udp dpt:8881
DROP all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST
DROP all -- anywhere anywhere ADDRTYPE match dst-type ANYCAST
DROP all -- anywhere anywhere ADDRTYPE match dst-type MULTICAST
LOG all -- anywhere anywhere limit: up to 1/sec burst 10 mode srcip LOG level info prefix "net-fw DROP "
DROP all -- anywhere anywhere
Chain net-loc (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
DROP all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST
DROP all -- anywhere anywhere ADDRTYPE match dst-type ANYCAST
DROP all -- anywhere anywhere ADDRTYPE match dst-type MULTICAST
LOG all -- anywhere anywhere limit: up to 1/sec burst 10 mode srcip LOG level info prefix "net-loc DROP "
DROP all -- anywhere anywhere
Chain net_frwd (2 references)
target prot opt source destination
net-loc all -- anywhere anywhere
net-loc all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain reject (4 references)
target prot opt source destination
DROP all -- anywhere anywhere ADDRTYPE match src-type BROADCAST
DROP all -- base-address.mcast.net/4 anywhere
DROP igmp -- anywhere anywhere
REJECT tcp -- anywhere anywhere reject-with tcp-reset
REJECT udp -- anywhere anywhere reject-with icmp-port-unreachable
REJECT icmp -- anywhere anywhere reject-with icmp-host-unreachable
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain sfilter (4 references)
target prot opt source destination
LOG all -- anywhere anywhere limit: up to 1/sec burst 10 mode srcip LOG level info prefix "sfilter DROP "
DROP all -- anywhere anywhere
Chain sha-lh-d6edc15137a3b1b69f68 (0 references)
target prot opt source destination
Chain sha-rh-898c391375d387bdd471 (0 references)
target prot opt source destination
Chain shorewall (0 references)
target prot opt source destination
all -- anywhere anywhere recent: SET name: %CURRENTTIME side: source mask: 255.255.255.255
Chain tcpflags (8 references)
target prot opt source destination
logflags tcp -- anywhere anywhere [goto] tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,PSH,URG
logflags tcp -- anywhere anywhere [goto] tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE
logflags tcp -- anywhere anywhere [goto] tcp flags:SYN,RST/SYN,RST
logflags tcp -- anywhere anywhere [goto] tcp flags:FIN,RST/FIN,RST
logflags tcp -- anywhere anywhere [goto] tcp flags:FIN,SYN/FIN,SYN
logflags tcp -- anywhere anywhere [goto] tcp flags:FIN,PSH,ACK/FIN,PSH
logflags tcp -- anywhere anywhere [goto] tcp spt:0 flags:FIN,SYN,RST,ACK/SYN
Chain tun6to4_fwd (1 references)
target prot opt source destination
sfilter all -- anywhere anywhere [goto]
dynamic all -- anywhere anywhere ctstate INVALID,NEW,UNTRACKED
tcpflags tcp -- anywhere anywhere
loc_frwd all -- anywhere anywhere
Chain tun6to4_in (1 references)
target prot opt source destination
dynamic all -- anywhere anywhere ctstate INVALID,NEW,UNTRACKED
tcpflags tcp -- anywhere anywhere
loc-fw all -- anywhere anywhere
Chain tun6to4_out (1 references)
target prot opt source destination
fw-loc all -- anywhere anywhere
Again thanks in advance
Edited post to add code tags ~Germ