On Tue, Feb 04, 2003 at 10:50:43PM +0000, Pigeon wrote: > So: the main box is 192.168.1.1, the modem box is 192.168.1.2. I add > "gateway 192.168.1.2" to /etc/network/interfaces on the main box and > run /etc/init.d/networking restart. > > On the modem box I do > echo 1 > /proc/sys/net/ipv4/ip_forward > ipchains -A forward -s 192.168.1.1/32 -d 0.0.0.0/0 -j ACCEPT -b > ipchains -P forward ACCEPT > pon ukonline > ping 195.40.1.36 (this is a ukonline DNS server) > ... and it works. > > I go back to the main box and try and ping the same address, and > nothing happens. >
Different approach. Now on the modem box I do: modprobe ipt_MASQUERADE iptables -F iptables -t nat -F iptables -t mangle -F iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE echo 1 > /proc/sys/net/ipv4/ip_forward And from the main box, I can get through the modem box and out onto the net. I can ping 195.40.1.36 from the main box and it works. The problem now is DNS. My ISP uses dynamic DNS, so I am used to having ppp rewrite my /etc/resolv.conf every time I connect. Now, of course, the modem box is doing the connecting, so the main box's /etc/resolv.conf does not get updated. The ISP seems to be giving me any two out of three nameservers, so I could fudge it by putting all three in the main box's /etc/resolv.conf, but I'd rather have it updating automatically like it's supposed to. So I have resorted to a VILE HACK. The main box exports its /etc via NFS to the modem box. A script in the modem box's /etc/ppp/ip-up.d then copies the modem box's newly updated /etc/resolv.conf across to the main box whenever I connect. I'm sure there must be a less vile method of doing this... what is it? Pigeon -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]