[ale] more on the IP/MASQ question, need help

Joe Knapka jknapka at charter.net
Thu Sep 23 17:37:29 EDT 1999


Got it. See below.

jj at spiderentertainment.com wrote:
> 
> I'm not at home right now, but this is what I did (from my memory).
> eth0: ip address assigned by the DHCP server
> eth1: 10.0.0.1    Netmask 255.255.255.0 on all for 10.0.0.
> Windows 1: 10.0.0.2 gateway 10.0.0.1
> Windows 2: 10.0.0.3 gateway 10.0.0.1
> 
> enabled the /proc.../ip_forward
> loaded the ip_masq_autofw
> 
> test1: (same as in the HOWTO)
> ipchains -P forward DENY
> ipchains -F forward -j MAS -s 10.0.0.0/255.255.255.0 -d 0.0.0.0/0

If this is not a typo, it's your problem - the masquerading chain's
name is "MASQ", not "MAS". But I expect you would have seen the
"No such chain" error, thus I conclude that you really did it
right. However, there's another problem here: you need to tell
it what interface to forward on.

Try:
ipchains -F forward -j MASQ -i ${CABLE_IP} -s 10.0.0.0/255.255.255.0 -d 0.0.0.0/0

Obviously, you need to rerun your ipchains script when DHCP
changes your address. Your DHCP client should run a script
when it detects a change, which you can use for this.
dhcpcd definitely allows this.

Hope this helps,

-- Joe

> I also used the ipchains input for DHCP as described in the HOWTO
> 
> Since that did not work, I thought maybe it gets confused on which NIC to MASQ.
> 
> so I did this:
> 
> ipchains -F forward -j MAS -s 10.0.0.0/255.255.255.0 -d 0.0.0.0/0 -P all -i eth1
> 
> Then I switched to ipfwadm, I knew this will not work, but I tried it
> anyways...
> 
> help ?
> 
> Joe Knapka wrote:
> 
> > You have, of course, invoked the magical incantation known
> > as "Rusty's 3-line Guide to IP Masquerading" from the
> > IP-Masq HOWTO, correct? Including the all-important
> > "echo 1 > .../ip_forward"? And you have set all the Windows
> > machines to use the Linux box as their gateway?
> >
> > -- Joe
> >
> > jj at spiderentertainment.com wrote:
> > >
> > > Ok, I give up, please help.
> > > This is what I got so far:
> > >
> > > 2 machines are Windows, 1 is Linux RH6.0 (just installed)
> > >
> > > Linux:
> > > it has 2 network cards, both are working perfectly.
> > > Eth0 is connected to a cable modem via RJ45.
> > > Eth1 is connected to the other two Windows machines via coaxial cable.
> > >
> > > Windows machines: work perfectly, they talk to Linux (ping, telnet, etc)
> > >
> > > From windows I can ping eth0 and eth1 but I can not seem to go outside, I
> > > can not ping anything on the net.
> > >
> > > Can ya help ?
> > >
> > > Thank you.
> >
> > -- Joe Knapka
> > * I speak only for myself, not for these idiots:
> > * The Software Monastery - "Better Software Through Divine
> > * Intervention." Source-code prayer vigils available - nominal
> > * donation $0.01/LOC. http://whyme.penguinpowered.com/monastery.html

-- Joe Knapka
* I speak only for myself, not for these idiots:
* The Software Monastery - "Better Software Through Divine
* Intervention." Source-code prayer vigils available - nominal
* donation $0.01/LOC. http://whyme.penguinpowered.com/monastery.html
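
An added example, not part of the original message or the HOWTO: one way a DHCP client's change hook could re-run the ipchains script only when the leased address has actually changed, checking the address before it reaches any command line. `FW_SCRIPT`, `STATE_FILE` and the function names are assumptions, as is the hook passing the new address as its first argument.

```shell
#!/bin/sh
# Added example: re-run the ipchains script only when the leased address changes.
FW_SCRIPT="${FW_SCRIPT:-/etc/rc.d/rc.masq}"    # assumed path of your ipchains script
STATE_FILE="${STATE_FILE:-/var/run/cable_ip}"  # assumed path: last address applied

# Accept only a dotted quad with octets 0-255. The value arrives from the
# network, so it must not reach a firewall command line unchecked.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; safe, only digits and dots remain
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Returns 0 = rules re-applied, 1 = address unchanged, 2 = rejected or failed.
refresh_masq() {
    new_ip=$1
    valid_ipv4 "$new_ip" || { echo "refusing address: '$new_ip'" >&2; return 2; }
    old_ip=
    if [ -r "$STATE_FILE" ]; then old_ip=$(cat "$STATE_FILE"); fi
    [ "$new_ip" = "$old_ip" ] && return 1
    # CABLE_IP is the variable name used in the rule quoted in the message.
    CABLE_IP=$new_ip sh "$FW_SCRIPT" || return 2
    # Record the address only after the rules were applied successfully.
    printf '%s\n' "$new_ip" > "$STATE_FILE.tmp" && mv "$STATE_FILE.tmp" "$STATE_FILE"
}

# Called from the DHCP client's change hook with the new address as $1.
[ $# -eq 0 ] || refresh_masq "$1"
```

The state file is written only after the firewall script succeeds, so a failed run is retried on the next lease event instead of being recorded as applied.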