[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Notebook as Internet client as well as router (for the other computers)

At present time I don't understand all commands in the script;

however, using "sniffit", I found out something:
On the second computer (client), if a ping package is sent for the internet, that is, for an address that does not begin with 169.254 (they come from avahi) the source address is not 169.254.10.246, but 0.0.0.0 - Why? 

Is that a bug? If yes, is there a workaround for it?

The command on the client: route add default gw 196.254.195.183

- that is the local address of the notebook - has no effect on this. Why?

However, the command:

iptables -t nat -o eth0 -A POSTROUTING -j MASQUERADE
shouldn't it replace the 0.0.0.0 with the address that I got (through dhclient during system startup) from the provider, just as it replaces the local address with the address from the provider? Why doesn't it do that? 

Jordi Ferrando Fabra schrieb:

Hi David,
Attached my firewall script, hope it helps.
Good luck.

David wrote:

Hello,
I have a MBO "eurobook" 8375 - equiv. to Mitac 8375, running Squeeze - the Internet connection through the Cable modem to "KabelBW" works fine.
However, I also want to connect the other computers through it (in the notebook is eth0 the built-in card and is connected to the Internet, eth2 to the LAN).
Please help me to find out if I forgot sth (for example a kernel module), or if I made sth. wrong, or if it isn't successful because of a bug. 

eurobook-debian:/home/david# echo 1 > /proc/sys/net/ipv4/ip_forward
eurobook-debian:/home/david# cat /proc/sys/net/ipv4/ip_forward
1

eurobook-debian:/home/david# modprobe -v iptable_nat
insmod /lib/modules/2.6.26-2-686/kernel/net/netfilter/nf_conntrack.ko
insmod /lib/modules/2.6.26-2-686/kernel/net/ipv4/netfilter/nf_conntrack_ipv4.ko 
insmod /lib/modules/2.6.26-2-686/kernel/net/netfilter/x_tables.ko
insmod /lib/modules/2.6.26-2-686/kernel/net/ipv4/netfilter/nf_nat.ko
insmod /lib/modules/2.6.26-2-686/kernel/net/ipv4/netfilter/ip_tables.ko
insmod /lib/modules/2.6.26-2-686/kernel/net/ipv4/netfilter/iptable_nat.ko
eurobook-debian:/home/david# iptables -A POSTROUTING -t nat -j MASQUERADE

eurobook-debian:/home/david# iptables -t nat --list-rules
-P PREROUTING ACCEPT
-P POSTROUTING ACCEPT
-P OUTPUT ACCEPT
-A POSTROUTING -j MASQUERADE

eurobook-debian:/home/david# iptables -t nat --list
Chain PREROUTING (policy ACCEPT)
target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination MASQUERADE all -- anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination A ping to the other computers is successful. - On the other computer (there is also Squeeze running): 

#route add default gw 169.254.195.183
To enter, for example, http://de.wikipedia.org in the browser, or a ping is not successful, even not a ping to 91.198.174.2 (that is the address at present time). 

Again checking the modules on the notebook:

eurobook-debian:/home/david# lsmod |grep ip
iptable_filter          2624  0
ipt_MASQUERADE          2592  1
iptable_nat             4680  1
ip_tables              10160  2 iptable_filter,iptable_nat
nf_nat                 15544  2 ipt_MASQUERADE,iptable_nat
x_tables               13284  3 ipt_MASQUERADE,iptable_nat,ip_tables
nf_conntrack_ipv4      12268  3 iptable_nat,nf_nat
nf_conntrack 55540 4 ipt_MASQUERADE,iptable_nat,nf_nat,nf_conntrack_ipv4 
ipv6                  235364  29
crypto_blkcipher       15236  1 ecb
Reply to: