Re: MASQUERADE problem
At 08:09 PM 10/22/01 +0200, you wrote: The line iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE should be using interface eth1 not ppp0 as you (probably) don't have a ppp interface. Also you should add this echo 1 /proc/sys/net/ipv4/ip_forward to enable IP forwarding. The redirect line isn't needed to do MASQ, the above 2 lines alone should do it. Dave Hi all, I've installed a router with linux (a pc with an internet connection). I would like share this connection with the others pc on my network, but it doesn't work. COuld anyone help me ? This my config : eth0 (10.0.0.1) connected to internet eth1 (192.168.0.1) connected to the rest of my lan on my second pc (192.168.0.12), i've defined the default gateway as 192.168.0.1. On the router, I have done the following : iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE iptables -t nat -A PREROUTING -i eth0 -j REDIRECT When the pc tries to ping an address on the internet, there is a message 'network unreachable' What shall I do to make it work ? Best regards
Re: MASQUERADE problem
At 08:09 PM 10/22/01 +0200, you wrote: The line iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE should be using interface eth1 not ppp0 as you (probably) don't have a ppp interface. Also you should add this echo 1 /proc/sys/net/ipv4/ip_forward to enable IP forwarding. The redirect line isn't needed to do MASQ, the above 2 lines alone should do it. Dave Hi all, I've installed a router with linux (a pc with an internet connection). I would like share this connection with the others pc on my network, but it doesn't work. COuld anyone help me ? This my config : eth0 (10.0.0.1) connected to internet eth1 (192.168.0.1) connected to the rest of my lan on my second pc (192.168.0.12), i've defined the default gateway as 192.168.0.1. On the router, I have done the following : iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE iptables -t nat -A PREROUTING -i eth0 -j REDIRECT When the pc tries to ping an address on the internet, there is a message 'network unreachable' What shall I do to make it work ? Best regards -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
RE: MASQUERADE problem
-Original Message- From: Luc MAIGNAN [mailto:[EMAIL PROTECTED]] On the router, I have done the following : iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE iptables -t nat -A PREROUTING -i eth0 -j REDIRECT you don't want the redirect rule at all. The redirect makes all connections try to connect to the localhost. So if you were to try to ping www.debian.org, the pings would be redirected to the localhost. This is not what you want I assume. :) Also, someone already mentioned that you need to make sure that /proc/sys/net/ipv4/ip_forward contains 1 ie, echo 1 /proc/sys/net/ipv4/ip_forward Good Luck, Dave -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
RE: MASQUERADE problem
iptables is the latest packet filter for the 2.4.x series of kernels. ipchains is for 2.2.x. It has some speed and feature improvements. iptables/netfilter website: http://netfilter.filewatcher.org/ netfilter FAQ: http://netfilter.filewatcher.org/netfilter-faq.html - James -Original Message- From: Michael Jager [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 23, 2001 5:32 AM To: debian-isp@lists.debian.org Subject: Re: MASQUERADE problem Not an answer to the problem, just a question. What's the difference between iptables and ipchains? Michael on 23.10.2001 9:54 PM, someone claiming to be Michael R. Schwarzbach [EMAIL PROTECTED] said: Luc MAIGNAN wrote: Hi all, I've installed a router with linux (a pc with an internet connection). I would like share this connection with the others pc on my network, but it doesn't work. COuld anyone help me ? two things: 1.) Have you checked /proc/sys/net/ipv4/ip_forward? This must be set to 1, otherwise the router won't route any packet 2.) I don't know, what you wanna do with your chains... My Masquerading chains (and these of many others) look a bit different: iptables -t nat -A POSTROUTING -i eth0 -s 10.0.0.0/24 -j MASQUERADE This should do it for Masqueradng the other PCs. This my config : eth0 (10.0.0.1) connected to internet eth1 (192.168.0.1) connected to the rest of my lan on my second pc (192.168.0.12), i've defined the default gateway as 192.168.0.1. On the router, I have done the following : iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE iptables -t nat -A PREROUTING -i eth0 -j REDIRECT When the pc tries to ping an address on the internet, there is a message 'network unreachable' What shall I do to make it work ? Best regards -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
RE: MASQUERADE problem
-Original Message- From: Luc MAIGNAN [mailto:[EMAIL PROTECTED] On the router, I have done the following : iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE iptables -t nat -A PREROUTING -i eth0 -j REDIRECT you don't want the redirect rule at all. The redirect makes all connections try to connect to the localhost. So if you were to try to ping www.debian.org, the pings would be redirected to the localhost. This is not what you want I assume. :) Also, someone already mentioned that you need to make sure that /proc/sys/net/ipv4/ip_forward contains 1 ie, echo 1 /proc/sys/net/ipv4/ip_forward Good Luck, Dave
Re: MASQUERADE problem
Luc MAIGNAN wrote: Hi all, I've installed a router with linux (a pc with an internet connection). I would like share this connection with the others pc on my network, but it doesn't work. COuld anyone help me ? two things: 1.) Have you checked /proc/sys/net/ipv4/ip_forward? This must be set to 1, otherwise the router won't route any packet 2.) I don't know, what you wanna do with your chains... My Masquerading chains (and these of many others) look a bit different: iptables -t nat -A POSTROUTING -i eth0 -s 10.0.0.0/24 -j MASQUERADE This should do it for Masqueradng the other PCs. This my config : eth0 (10.0.0.1) connected to internet eth1 (192.168.0.1) connected to the rest of my lan on my second pc (192.168.0.12), i've defined the default gateway as 192.168.0.1. On the router, I have done the following : iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE iptables -t nat -A PREROUTING -i eth0 -j REDIRECT When the pc tries to ping an address on the internet, there is a message 'network unreachable' What shall I do to make it work ? Best regards -- Michael Schwarzbach +--+ | /\ | | \ / | | X ASCII RIBBON CAMPAIGN - AGAINST HTML MAIL | | / \ | `~~' -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: MASQUERADE problem
Not an answer to the problem, just a question. What's the difference between iptables and ipchains? Michael on 23.10.2001 9:54 PM, someone claiming to be Michael R. Schwarzbach [[EMAIL PROTECTED]] said: Luc MAIGNAN wrote: Hi all, I've installed a router with linux (a pc with an internet connection). I would like share this connection with the others pc on my network, but it doesn't work. COuld anyone help me ? two things: 1.) Have you checked /proc/sys/net/ipv4/ip_forward? This must be set to 1, otherwise the router won't route any packet 2.) I don't know, what you wanna do with your chains... My Masquerading chains (and these of many others) look a bit different: iptables -t nat -A POSTROUTING -i eth0 -s 10.0.0.0/24 -j MASQUERADE This should do it for Masqueradng the other PCs. This my config : eth0 (10.0.0.1) connected to internet eth1 (192.168.0.1) connected to the rest of my lan on my second pc (192.168.0.12), i've defined the default gateway as 192.168.0.1. On the router, I have done the following : iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE iptables -t nat -A PREROUTING -i eth0 -j REDIRECT When the pc tries to ping an address on the internet, there is a message 'network unreachable' What shall I do to make it work ? Best regards -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: MASQUERADE problem
Hi ipchains is for Linux Kernel 2.2, iptables is for Kernel 2.4. Michael Jager wrote: Not an answer to the problem, just a question. What's the difference between iptables and ipchains? Michael on 23.10.2001 9:54 PM, someone claiming to be Michael R. Schwarzbach [[EMAIL PROTECTED]] said: Luc MAIGNAN wrote: Hi all, I've installed a router with linux (a pc with an internet connection). I would like share this connection with the others pc on my network, but it doesn't work. COuld anyone help me ? two things: 1.) Have you checked /proc/sys/net/ipv4/ip_forward? This must be set to 1, otherwise the router won't route any packet 2.) I don't know, what you wanna do with your chains... My Masquerading chains (and these of many others) look a bit different: iptables -t nat -A POSTROUTING -i eth0 -s 10.0.0.0/24 -j MASQUERADE This should do it for Masqueradng the other PCs. This my config : eth0 (10.0.0.1) connected to internet eth1 (192.168.0.1) connected to the rest of my lan on my second pc (192.168.0.12), i've defined the default gateway as 192.168.0.1. On the router, I have done the following : iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE iptables -t nat -A PREROUTING -i eth0 -j REDIRECT When the pc tries to ping an address on the internet, there is a message 'network unreachable' What shall I do to make it work ? Best regards -- Michael Schwarzbach +--+ | /\ | | \ / | | X ASCII RIBBON CAMPAIGN - AGAINST HTML MAIL | | / \ | `~~' -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
RE: MASQUERADE problem
iptables is the latest packet filter for the 2.4.x series of kernels. ipchains is for 2.2.x. It has some speed and feature improvements. iptables/netfilter website: http://netfilter.filewatcher.org/ netfilter FAQ: http://netfilter.filewatcher.org/netfilter-faq.html - James -Original Message- From: Michael Jager [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 23, 2001 5:32 AM To: [EMAIL PROTECTED] Subject: Re: MASQUERADE problem Not an answer to the problem, just a question. What's the difference between iptables and ipchains? Michael on 23.10.2001 9:54 PM, someone claiming to be Michael R. Schwarzbach [[EMAIL PROTECTED]] said: Luc MAIGNAN wrote: Hi all, I've installed a router with linux (a pc with an internet connection). I would like share this connection with the others pc on my network, but it doesn't work. COuld anyone help me ? two things: 1.) Have you checked /proc/sys/net/ipv4/ip_forward? This must be set to 1, otherwise the router won't route any packet 2.) I don't know, what you wanna do with your chains... My Masquerading chains (and these of many others) look a bit different: iptables -t nat -A POSTROUTING -i eth0 -s 10.0.0.0/24 -j MASQUERADE This should do it for Masqueradng the other PCs. This my config : eth0 (10.0.0.1) connected to internet eth1 (192.168.0.1) connected to the rest of my lan on my second pc (192.168.0.12), i've defined the default gateway as 192.168.0.1. On the router, I have done the following : iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE iptables -t nat -A PREROUTING -i eth0 -j REDIRECT When the pc tries to ping an address on the internet, there is a message 'network unreachable' What shall I do to make it work ? Best regards -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: MASQUERADE problem
Hi ipchains is for Linux Kernel 2.2, iptables is for Kernel 2.4. Michael Jager wrote: Not an answer to the problem, just a question. What's the difference between iptables and ipchains? Michael on 23.10.2001 9:54 PM, someone claiming to be Michael R. Schwarzbach [EMAIL PROTECTED] said: Luc MAIGNAN wrote: Hi all, I've installed a router with linux (a pc with an internet connection). I would like share this connection with the others pc on my network, but it doesn't work. COuld anyone help me ? two things: 1.) Have you checked /proc/sys/net/ipv4/ip_forward? This must be set to 1, otherwise the router won't route any packet 2.) I don't know, what you wanna do with your chains... My Masquerading chains (and these of many others) look a bit different: iptables -t nat -A POSTROUTING -i eth0 -s 10.0.0.0/24 -j MASQUERADE This should do it for Masqueradng the other PCs. This my config : eth0 (10.0.0.1) connected to internet eth1 (192.168.0.1) connected to the rest of my lan on my second pc (192.168.0.12), i've defined the default gateway as 192.168.0.1. On the router, I have done the following : iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE iptables -t nat -A PREROUTING -i eth0 -j REDIRECT When the pc tries to ping an address on the internet, there is a message 'network unreachable' What shall I do to make it work ? Best regards -- Michael Schwarzbach +--+ | /\ | | \ / | | X ASCII RIBBON CAMPAIGN - AGAINST HTML MAIL | | / \ | `~~'