Re: Setting up masquerading (not sure where the problem is happening)

To: Gary Lucas <lucasg@telus.net>
Cc: Debian Firewall List <debian-firewall@lists.debian.org>
Subject: Re: Setting up masquerading (not sure where the problem is happening)
From: Dave Price <davep@kinaole.org>
Date: Mon, 9 Sep 2002 11:15:19 -0600
Message-id: <20020909111519.K14190@kinaole.org>
In-reply-to: <3D7CD1DF.44AA86D8@telus.net>
References: <3D7C62F8.FC0B40D@telus.net> <20020909095939.GA6336@robian> <20020909155129.GB14797@bob.n7xy.net> <20020909102500.G14190@kinaole.org> <3D7CD1DF.44AA86D8@telus.net>

On Mon, Sep 09, 2002 at 09:52:47AM -0700, Gary Lucas wrote:
> Hmm, ok...
> 
> I have never had problems getting the box connected to my ISP,  I am haveing
> problems getting the ethernet working on eth1...
> IE:  No connection between linux box and the pc's it's connected to..
> 
when you set up the routing for eth1, do not use a default gw.  Windows
box on your 192 net should default to the ip of your linux eth1.

davep@fw:/etc/network$ cat interfaces
# /etc/network/interfaces -- configuration file for ifup(8), ifdown(8)

# The loopback interface
auto lo
iface lo inet loopback

# The first network card - this entry was created during the Debian
installation
# (network, broadcast and gateway are optional)
#auto eth0
iface eth0 inet static
        address 192.168.2.254
        netmask 255.255.255.0
        network 192.168.2.0
        broadcast 192.168.2.255
        gateway 192.168.2.1

#auto eth1
iface eth1 inet static
        address 63.225.118.100
        netmask 255.255.255.248
        network 63.225.118.100
        broadcast 63.225.118.103
        gateway 63.225.118.102
---

davep@fw:/etc/network$ /sbin/route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use
Iface
63.225.118.96   0.0.0.0         255.255.255.248 U     0      0        0
eth1
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0
eth0
0.0.0.0         63.225.118.102  0.0.0.0         UG    0      0        0
eth1
0.0.0.0         192.168.2.1     0.0.0.0         UG    0      0        0
eth0

This works here -

I really have a 192.168.2.1, so I need a gw to that LAN, you do
not

all you need is:

/sbin/route add -net 192.168.whatever eth1 

no broadcast (linux fingers that out, and if you do use a gateway
address it MUST be directly reachable from the routed interface - that
is what a gateway means - "If you need to get out of here, this is an
address you can talk to directly, that know's how to get out" but you
allways need to be able to ping your gateway adress _directly_


Once you bring up eth1 with no gw, you should be able to ping windows
boxes on the 192 network; then you can worry about making iptables run.

I just compiled a 2.4.18 kernel with ALL the netfilter options as
modules and it works great.

aloha,
dave

Reply to:

References:
- Setting up masquerading (not sure where the problem is happening)
  - From: Gary Lucas <lucasg@telus.net>
- Re: Setting up masquerading (not sure where the problem is happening)
  - From: Robert Ian Smit <robian@wanadoo.nl>
- Re: Setting up masquerading (not sure where the problem is happening)
  - From: Bob Nielsen <nielsen@oz.net>
- Re: Setting up masquerading (not sure where the problem is happening)
  - From: Dave Price <davep@kinaole.org>
- Re: Setting up masquerading (not sure where the problem is happening)
  - From: Gary Lucas <lucasg@telus.net>

Prev by Date: Bits of honeypot (LaBrea)
Next by Date: Re: Setting up masquerading (not sure where the problem is happening)
Previous by thread: Re: Setting up masquerading (not sure where the problem is happening)
Next by thread: Re: Setting up masquerading (not sure where the problem is happening)
Index(es):
- Date
- Thread