Hi guys. I have Mandrake 9.1 installed on my machine, connected to the internet via an ADSL modem router (on eth0). The IP address of eth0 is 10.0.0.6. The 'internal' address of the router is 10.0.0.2. My static IP with the ISP is (roughly) 80.177.90.10. Now the ADSL does NAT'ing so my machine is well hidden from the internet unless someone attacks the router directly.

The trouble is when using chat programs which allow file transfer, I can't receive files from my buddies, because they can't establish the connection with my machine (as they're going through the router).

My question is, can I give my machine's eth0 and router addresses in the 80.177.90.0 range and use masquerading to protect the machine, or should I use IPTables? I know a bit about networking, but I'm not confident to troubleshoot something like IPTables, so if there was a graphical front-end...?

The best solution for me would be if there was a way to leave the exisiting setup in place but allow file transfer via the NAT, is this possible? The ADSL router has a Conexant chipset, it's a generic brand though.

Thanks guys...
Phil.

Your firewall is only allowing file transfers initiated by local IPs.

Go buy the Linux Firewall book:

Linux Firewalls by Ziegler

Published by New Riders

isbn#0-7357-1099-6

My guess is that your router isn't forwarding the appropriate ports to allow a connection to your local machine. Check the ports required for the file transfer and get your router to forward those ports.

Joe

If you can set up your modem to run in 'bridged' mode it runs a bit like a dial up modem. In other words, it won't use NAT because your eth0 will have the WAN IP address.

Then all traffic will hit your eth0 interface, so make sure you've got your firewall ready! ;)

Type "Bastille Interactive" (without the quotes) in the console. Its a simple program that secures your system.