[ale] more on the IP/MASQ question, need help
Jim Kinney
jkinney at teller.physics.emory.edu
Fri Sep 24 11:00:41 EDT 1999
A correction for the ipchains line below: ${CABLE_IP} should be eth0
There is no need to rerun the ipchains script. It uses the net device not
the ip address.
On Thu, 23 Sep 1999, Joe Knapka wrote:
> Got it. See below.
>
> jj at spiderentertainment.com wrote:
> >
> > I'm not at home right now, but this is what I did(from my memory).
> > eth0: ip address assigned by the DHCP server
> > eth1: 10.0.0.1 Netmas 255.255.255.0 on all for 10.0.0.
> > Windows 1: 10.0.0.2 gateway 10.0.0.1
> > Windows 2: 10.0.0.3 gateway 10.0.0.1
> >
> > enabled the /proc.../ip_forward
> > loaded the ip_masq_autofw
> >
> > test1: (same as in the HOWTO)
> > ipchains -P forward DENY
> > ipchains -F forward -j MAS -s 10.0.0.0/255.255.255.0 -d 0.0.0.0/0
>
> If this is not a typo, it's your problem - the masquerading chain's
> name is "MASQ", not "MAS". But I expect you would have seen the
> "No such chain" error, thus I conclude that you really did it
> right. However, there's another problem here: you need to tell
> it what interface to forward on.
>
> Try:
> ipchains -F forward -j MASQ -i ${CABLE_IP} -s 10.0.0.0/255.255.255.0 -d
> 0.0.0.0/0
>
> Obviously, you need to rerun you ipchains script when DHCP
> changes your address. Your DHCP client should run a script
> when it detects a change, which you can use for this.
> dhcpcd definitely allows this.
>
> Hope this helps,
>
> -- Joe
>
> > I also used the ipchains input for DHCP as described in the HOWTO
> >
> > since that did now work, I thought maybe it gets confused on which nic to MASQ.
> >
> > so I did this:
> >
> > ipchains -F forward -j MAS -s 10.0.0.0/255.255.255.0 -d 0.0.0.0/0 -P all -i
> > eth1
> >
> > Then I switched to ipfwadm, I knew this will not work, but I tried it
> > anyways...
> >
> > help ?
> >
> > Joe Knapka wrote:
> >
> > > You have, of course, invoked the magical incantation known
> > > as "Rusty's 3-line Guide to IP Masquerading" from the
> > > IP-Masq HOWTO, correct? Including the all-important
> > > "echo 1 > .../ip_forward"? And you have set all the Windows
> > > machines to use the Linux box as their gateway?
> > >
> > > -- Joe
> > >
> > > jj at spiderentertainment.com wrote:
> > > >
> > > > Ok, I give up, please help.
> > > > This is what I got so far:
> > > >
> > > > 2 machines are windows, 1 is linux RH6.0(just installed)
> > > >
> > > > Linux:
> > > > it has 2 network cards, both are working perfectly.
> > > > Eth0 is connected to a cable modem via RJ45.
> > > > Eth1 is connected to the other two windows machines via coaxal cable.
> > > >
> > > > Windows machines: work perfectly, they talk to linux(ping, telnet, etc)
> > > >
> > > > >From windows I can ping eth0 and eth1 but I can not seem to go outside, I
> > > > can not ping anything on the net.
> > > >
> > > > Can ya help ?
> > > >
> > > > Thank you.
> > >
> > > -- Joe Knapka
> > > * I speak only for myself, not for these idiots:
> > > * The Software Monastery - "Better Software Through Divine
> > > * Intervention." Source-code prayer vigils available - nominal
> > > * donation $0.01/LOC. http://whyme.penguinpowered.com/monastery.html
>
> -- Joe Knapka
> * I speak only for myself, not for these idiots:
> * The Software Monastery - "Better Software Through Divine
> * Intervention." Source-code prayer vigils available - nominal
> * donation $0.01/LOC. http://whyme.penguinpowered.com/monastery.html
>
More information about the Ale
mailing list