[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: problems with (perhaps) IPMASQ

Try on B:

cat 1 > /proc/sys/net/ipv4/ip_forward

;)

Sincerely,
wanderlust

У ср, 2008-01-23 у 10:13 +0100, Carlos Enrique Carleos Artime пише:
> 
> 
> Hello!
> 
> I have a home network with three computers (A, B and C).
> 
> Computer A has a direct connection to internet by a cable-modem.
> It has interfaces:
> - eth0 to internet, uses DHCP
> - eth1 to computer B, static IP-address: 192.168.0.2
> Its operating system is Debian etch, with default 
> IPMASQ configuration.  I added:
>  route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.0.1 eth1
> to /etc/init.d/bootmisc.sh (first) and to /etc/init.d/ipmasq (then)
> (without that "route add" it does not work either).
> 
> Computer B is connected to both A and C.
> Its interfaces:
> - rl0 to computer A, IP 192.168.0.1
> - ural0 to computer B, IP 192.168.2.1
> It runs FreeBSD 6.3, configured while install to be gateway (but no
> firewall).
> 
> Computer C is connected to B.  Interface:
> - ural0 to computer B, IP 192.168.2.2
> It has FreeBSD 6.3 and OpenBSD 4.0.
> 
> =========================================================================
> 
> Present situation:
> 
> Ping from B to C 192.168.2.2 success.
> Ping from C to B 192.168.2.1 success.
> Ping from C to B 192.168.0.1 success.
> Ping from B to A 192.168.0.2 success.
> Ping from B to anywhere in internet success.
> Ping from A to B 192.168.0.1 success.
> Ping from C to A 192.168.0.2 failed (host is down).
> Ping from A to B 192.168.2.1 failed:
>  knoppix@A:~$ ping 192.168.2.1
>  PING 192.168.2.1 (192.168.2.1) 56(84) bytes of data.
>  ping: sendmsg: Operation not permitted
>  ping: sendmsg: Operation not permitted
> 
> 
> Does anybody know where the problem is?
> 
> The aim is for C to be able to connect to internet (for now, I run an
> X server in C, ssh from C to B, and run applications in B displaying 
> in C).
> 
> I read documents about IPmasq and IPtables, but understood not enough.
> I tried examples in /usr/share/doc/ipmasq/examples/basics but failed.
> I added the "route add" line after reading FreeBSD manual on routing.
> 
> Many thanks for your time and help :-)
> 
> 
> =================================================================== 
> 
> Jen plia informo:
> 
> knoppix@A:~$ /sbin/route -n
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> 192.168.2.0     192.168.0.1     255.255.255.0   UG    0      0        0 eth1
> 192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
> 85.152.88.0     0.0.0.0         255.255.252.0   U     0      0        0 eth0
> 0.0.0.0         85.152.88.254   0.0.0.0         UG    0      0        0 eth0
> root@A:~# iptables -L INPUT
> Chain INPUT (policy DROP)
> target     prot opt source               destination
> ACCEPT     0    --  anywhere             anywhere
> LOG        0    --  loopback/8           anywhere            LOG level warning
> DROP       0    --  loopback/8           anywhere
> ACCEPT     0    --  anywhere             255.255.255.255
> ACCEPT     0    --  192.168.0.0/24       anywhere
> ACCEPT    !tcp  --  anywhere             BASE-ADDRESS.MCAST.NET/4
> LOG        0    --  192.168.0.0/24       anywhere            LOG level warning
> DROP       0    --  192.168.0.0/24       anywhere
> ACCEPT     0    --  anywhere             255.255.255.255
> ACCEPT     0    --  anywhere             cm-85-152-88-242.telecable.es
> ACCEPT     0    --  anywhere             85.152.91.255
> LOG        0    --  anywhere             anywhere            LOG level warning
> DROP       0    --  anywhere             anywhere
> root@A:~# iptables -L OUTPUT
> Chain OUTPUT (policy DROP)
> target     prot opt source               destination
> ACCEPT     0    --  anywhere             anywhere
> ACCEPT     0    --  anywhere             255.255.255.255
> ACCEPT     0    --  anywhere             192.168.0.0/24
> ACCEPT    !tcp  --  anywhere             BASE-ADDRESS.MCAST.NET/4
> LOG        0    --  anywhere             192.168.0.0/24      LOG level warning
> DROP       0    --  anywhere             192.168.0.0/24
> ACCEPT     0    --  anywhere             255.255.255.255
> ACCEPT     0    --  cm-85-152-88-242.telecable.es  anywhere
> ACCEPT     0    --  85.152.91.255        anywhere
> LOG        0    --  anywhere             anywhere            LOG level warning
> DROP       0    --  anywhere             anywhere
> root@A:~# iptables -L FORWARD
> Chain FORWARD (policy DROP)
> target     prot opt source               destination
> ACCEPT     0    --  192.168.0.0/24       anywhere
> ACCEPT     0    --  anywhere             anywhere            state RELATED,ESTABLISHED
> LOG        0    --  anywhere             19
> 
> ____________________________________________________________________________
> 
>  Carlos Enrique Carleos Artime             FidoNet-poshto:      2:341/14.79
>  Dep-to de Statistiko kaj Plejbonigo,      Retposhto:     carleos@uniovi.es
>            kaj Matematika Didaktiko        Telefono:        +34 985 181 904
>  Universitato Oviedo - Asturio             Adreso: EUITIndus 33203 Hispanio
> 
> 
> __________________________________________________________________________
> 
>    Departemento pri Statistiko kaj Plejbonigo, kaj Matematika Didaktiko   
>    Universitato Oviedo - EUITIndus 33203 Hispanio - 2:341/14.79@fidonet   
> 
>
Reply to: