Re: nat ipchains on debian woody

To: "MB" <sparkynine@yahoo.com>, <debian-isp@lists.debian.org>
Subject: Re: nat ipchains on debian woody
From: "Francisco Castillo" <fcastillo@hostgreen.com>
Date: Mon, 28 Jun 2004 21:41:58 +0200
Message-id: <[🔎] 00c001c45d47$f9d4a3a0$1700a8c0@fcastillrrn93j>
References: <[🔎] 20040628191638.46074.qmail@web54104.mail.yahoo.com>

Hi Mark,

I have test your script but my woody give me this response:

morpheo:~# cat compartir2
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 1 > /proc/sys/net/ipv4/conf/eth0/rp_filter
echo 1 > /proc/sys/net/ipv4/conf/eth1/rp_filter

iptables -t nat -I POSTROUTING -s 192.168.0.0/24 -i eth1 -o eth0 -j
MASQUERADE

morpheo:~# ./compartir2
modprobe: Can't locate module ip_tables
iptables v1.2.6a: can't initialize iptables table `nat': iptables who? (do
you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
morpheo:~#

What can i do to solve this new issue?

My fisrt script which use ipchains was this:

morpheo:~# cat compartir

echo 1 > /proc/sys/net/ipv4/ip_forward
/sbin/ipchains -P forward DENY
/sbin/ipchains -A forward -j MASQ -s 192.168.0.0/16

Thanks in advance,


----- Original Message -----
From: "MB" <sparkynine@yahoo.com>
To: "Francisco Castillo" <fcastillo@hostgreen.com>;
<debian-isp@lists.debian.org>
Sent: Monday, June 28, 2004 9:16 PM
Subject: Re: nat ipchains on debian woody


Have you tried iptables instead?  If your kernel supports iptables,
then:

echo 1 > /proc/sys/net/ipv4/ip_forward
echo 1 > /proc/sys/net/ipv4/conf/$both_eth_devs/rp_filter

iptables -t nat -I POSTROUTING -s 192.168.0.0/24 -i eth1 -o eth0 -j
MASQUERADE

iptables also does the firewalling in other chains, btw

Mark

--- Francisco Castillo <fcastillo@hostgreen.com> wrote:
>
> Hello Gurus,
>
> I have installed a debian woody with to interfaces eth0 and eth1. I
> has configured the internet conexion on eth0 which has got a static
> ip on internet. And on eth1 i want to put a interface to do a proxy
> nat gateway on my internal lan (i want to put a 192.168.0.1 on it).
>
> I have read doc to do it but when i apply this doc i have a "your
> kernel seems to not support ipchains" messages when i try to do this.
> After this i have a 192.168.0.1 ip on eth1 but my pc´s on the
> internal lan can´t have internet access througth the eth0 (internet
> conexion).
>
> I think that the problem is that the kernel do not have a
> ipmasquerade support (NAT suppport), so i think that this is the only
> steep i need to do in order to apply correct the steps of the
> configuration that i has a problem with. So
>
> Did you know how to give a NAT (ipmasquerade support) on a debian
> woody kernel in order to solve my problem?
>
> What do exactly the command "apt-get install ipmasq" in this context
> ?
>
> Thanks in advance,
>
> Francisco.
>
>

Reply to:

References:
- Re: nat ipchains on debian woody
  - From: MB <sparkynine@yahoo.com>

Prev by Date: Re: nat ipchains on debian woody
Next by Date: Re: restricting sftp/ssh login access
Previous by thread: Re: nat ipchains on debian woody
Next by thread: Re: nat ipchains on debian woody
Index(es):
- Date
- Thread