modem iptables
Florentin Ionescu
I am trying to connect my box , as dhcp server for my laptop and have
problem using iptables to give internet access for the laptop. The box
has a modem -> connects to internet , and a NIC connected to a hub to
which laptop is also connected.
Internal network works(ping , dhcp assigns address), kernel is 2.4.18,
all necessary modules form ipv4 are loaded , and in /proc/sys/net/ipv4
ip_forwad and ip_dynaddr are set to "1".
So box is 192.168.0.1 (configured in /etc/network/interfaces) with this
netstat -nr
Destination Gateway Genmask Flags MSS Window irtt Iface
165.238.140.22 0.0.0.0 255.255.255.255 UH 40 0 0 ppp0
192.168.0.0 0.0.0.0 255.255.255.0 U 40 0 0 eth0
0.0.0.0 165.238.140.22 0.0.0.0 UG 40 0 0 ppp0
Laptop does get it's IP from dhcp server 198.162.0.2 plus
I add 'route add -net 192.168.0.0 netmask 255.255.255.0 gw 192.168.0.1'
netstat -nr (laptop) -
Destination Gateway Genmask Flags MSS Window irtt Iface
192.168.0.0 0.0.0.0 255.255.255.0 U 40 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 40 0 0 lo
The problem where I need some help is that I get packets in/out but
no packet gets forwarded eth0 to ppp0 or ppp0 to eth0 -
iptables -A FORWARD -i eth0 -o ppp0 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/24 -j ACCEPT
iptables -A FORWARD -d 192.168.0.0/24 -j ACCEPT
iptables -A PREROUTING -t nat -p tcp -i ppp0 -j DNAT --to 192.168.0.1
Thank you,
Florentin.
--
To UNSUBSCRIBE, email to debian-us...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listm...@lists.debian.org
Stephen Gran
--2JFBq9zoW8cOFH7v
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
This one time, at band camp, Florentin Ionescu said:
> Hi,
> I am trying to connect my box , as dhcp server for my laptop and have
> problem using iptables to give internet access for the laptop. The box
> has a modem -> connects to internet , and a NIC connected to a hub to
> which laptop is also connected.
>=20
> Internal network works(ping , dhcp assigns address), kernel is 2.4.18,
> all necessary modules form ipv4 are loaded , and in /proc/sys/net/ipv4
> ip_forwad and ip_dynaddr are set to "1".
>=20
>=20
> So box is 192.168.0.1 (configured in /etc/network/interfaces) with this
> netstat -nr
> Destination Gateway Genmask Flags MSS Window irtt =
Iface
> 165.238.140.22 0.0.0.0 255.255.255.255 UH 40 0 0 =
ppp0
> 192.168.0.0 0.0.0.0 255.255.255.0 U 40 0 0 =
eth0
> 0.0.0.0 165.238.140.22 0.0.0.0 UG 40 0 0 =
ppp0
>=20
> Laptop does get it's IP from dhcp server 198.162.0.2 plus
> I add 'route add -net 192.168.0.0 netmask 255.255.255.0 gw 192.168.0.1'
> netstat -nr (laptop) -
> Destination Gateway Genmask Flags MSS Window irtt =
Iface
> 192.168.0.0 0.0.0.0 255.255.255.0 U 40 0 0 =
eth0
> 127.0.0.0 0.0.0.0 255.0.0.0 U 40 0 0 =
lo
>
> The problem where I need some help is that I get packets in/out but
> no packet gets forwarded eth0 to ppp0 or ppp0 to eth0 -
>=20
> iptables -A FORWARD -i eth0 -o ppp0 -j ACCEPT
> iptables -A FORWARD -s 192.168.0.0/24 -j ACCEPT
> iptables -A FORWARD -d 192.168.0.0/24 -j ACCEPT
> iptables -A PREROUTING -t nat -p tcp -i ppp0 -j DNAT --to 192.168.0.1
On the gateway box,=20
echo 1 > /proc/sys/net/ipv4/ip_forward
This truns on forwarding.
HTH,
Steve
--=20
Hanson's Treatment of Time:
There are never enough hours in a day, but always too many days
before Saturday.
--2JFBq9zoW8cOFH7v
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQE9RzWeQiN4dKPqTxgRAiPPAJwMFfz4vyIPvlBiyATI5m9TGityfACfX4t0
B4pzrPwi2yR5C53WjGiXep0=
=X2a9
-----END PGP SIGNATURE-----
--2JFBq9zoW8cOFH7v--