On Fri, 2 Apr 2004, Amanda wrote:
> output of netstat -rn taken earlier today
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
> 10.0.0.150      0.0.0.0         255.255.255.255 UH        0 0          0 ppp0
> 10.0.0.104      0.0.0.0         255.255.255.255 UH        0 0          0 ppp0
> 10.0.0.0        0.0.0.0         255.255.255.0   U         0 0          0 ppp0
> 192.168.0.0     0.0.0.0         255.255.255.0   U         0 0          0 eth0
> 10.0.0.0        0.0.0.0         255.0.0.0       U         0 0          0 eth1
> 127.0.0.0       0.0.0.0         255.0.0.0       U         0 0          0 lo
> 0.0.0.0         10.0.0.1        0.0.0.0         UG        0 0          0 eth1
>
> output of ifconfig taken just now after a recent reboot.
> eth0      Link encap:Ethernet  HWaddr 00:E0:29:67:18:1C
>           inet addr:192.168.0.210  Bcast:192.168.0.255  Mask:255.255.255.0
>           EtherTalk Phase 2 addr:65280/31
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:16 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:81 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0
>           RX bytes:2148 (2.0 Kb)  TX bytes:8917 (8.7 Kb)
>
> eth1      Link encap:Ethernet  HWaddr 00:00:E8:12:8B:60
>           inet addr:10.0.0.3  Bcast:10.255.255.255  Mask:255.0.0.0
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:298 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:0 errors:466 dropped:0 overruns:0 carrier:932
>           collisions:0
>           RX bytes:24767 (24.1 Kb)  TX bytes:0 (0.0 b)
>
> lo        Link encap:Local Loopback
>           inet addr:127.0.0.1  Mask:255.0.0.0
>           EtherTalk Phase 2 addr:0/0
>           UP LOOPBACK RUNNING  MTU:16436  Metric:1
>           RX packets:25 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:25 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0
>           RX bytes:2480 (2.4 Kb)  TX bytes:2480 (2.4 Kb)
>
> ppp0      Link encap:Point-to-Point Protocol
>           inet addr:10.0.0.87  P-t-P:10.0.0.104  Mask:255.255.255.255
>           UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1000  Metric:1
>           RX packets:21 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:18 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0
>           RX bytes:1020 (1020.0 b)  TX bytes:795 (795.0 b)
>
> Yes, there's a firewall on it. I didn't configure it, it comes on by default
> when you enable the gateway.
>
> All I want to do is route several specific IPs from eth0 to ppp0.
> Are routing tables the wrong approach? Should I be reading the firewall howto
> instead?
> And, of course, it's
> route add -host 10.0.0.150 dev ppp0
>
> It's a bit confusing, because eth1 to adsl modem is on 10.0.0.0, and the lan on
> the end of ppp0 is also on 10.0.0.0.

Yeah I thought that was particularly ugly too. It would only affect LAN users' ability to access the ADSL router (e.g. its web config interface). You can probably configure the ADSL router to give a different subnet... maybe 192.168.10.0/255.255.255.0 would be better - note the subnet is reduced to 256 addresses so it won't conflict with your 192.168.0.0 subnet and also will eliminate the double route for 10.0.0.0 network.

Alternately if you've got time to fiddle without users hassling you, maybe select bridge mode for the ADSL box and have the public IP on eth1 of your e-smith box. This will avoid double-nat for internet bound packets and help if/when you decide to make any SME services publicly accessible. On the possible downside, the responsibility of firewalling now belongs to the SME server and you.

--
---<GRiP>---
Electronic Hobbyist, Former Arcadia BBS nut, Occasional nudist,
Linux Guru, SLUG Secretary, AUUG and Linux Australia member, Sydney
Flashmobber, BMX rider, Walker, Raver & rave music lover, Big kid that
refuses to grow up. I'd make a good family pet, take me home today!
Do people actually read these things?
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
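
Added example (not part of the original messages): a Python check of the overlap discussed in this thread, run over the rows of the quoted netstat -rn output. It uses longest-prefix matching to show which interface each destination takes, then repeats the check with the eth1 side moved to the 192.168.10.0/24 subnet suggested in the reply; the function names and the 192.168.10.1 router address are assumptions of this example.

```python
import ipaddress
from itertools import combinations

# Body of the quoted `netstat -rn` output above (whitespace compacted).
NETSTAT = """\
10.0.0.150 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
10.0.0.104 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 ppp0
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
10.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 eth1
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 10.0.0.1 0.0.0.0 UG 0 0 0 eth1
"""

def parse_routes(text):
    """Return [(network, iface)] from the rows of a `netstat -rn` table."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if len(f) == 8 and f[0][0].isdigit():   # skip headers and blanks
            routes.append((ipaddress.ip_network(f"{f[0]}/{f[2]}"), f[7]))
    return routes

def overlapping(routes):
    """Pairs of non-default routes on different interfaces that overlap."""
    return [(a, b) for a, b in combinations(routes, 2)
            if a[1] != b[1] and a[0].prefixlen and b[0].prefixlen
            and a[0].overlaps(b[0])]

def egress(routes, ip):
    """Interface picked by longest-prefix match for destination `ip`."""
    addr = ipaddress.ip_address(ip)
    return max((r for r in routes if addr in r[0]),
               key=lambda r: r[0].prefixlen)[1]

def renumbered(routes, iface="eth1", new="192.168.10.0/24"):
    """Same table with iface's connected route moved to the suggested subnet."""
    return [(ipaddress.ip_network(new), i) if i == iface and n.prefixlen
            else (n, i) for n, i in routes]

if __name__ == "__main__":
    table = parse_routes(NETSTAT)
    for a, b in overlapping(table):
        print(f"overlap: {a[0]} dev {a[1]}  <->  {b[0]} dev {b[1]}")
    # 10.0.0.1 is the ADSL router (the default gateway in the table).
    for dst in ("10.0.0.150", "10.0.0.1", "10.1.2.3", "192.168.0.5"):
        print(f"{dst:>12} -> {egress(table, dst)}")
    fixed = renumbered(table)
    # 192.168.10.1 is an assumed router address inside the suggested subnet.
    print("after renumbering:", overlapping(fixed), egress(fixed, "192.168.10.1"))
```

With the table as posted, 10.0.0.1 resolves to ppp0 because the /24 on ppp0 is more specific than the /8 on eth1, which is the ADSL router access problem the reply describes.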