Re: modem / pon / serial problems
On Thu, Feb 06, 2003 at 11:42:10AM -0600, Keith G. Murphy wrote:
> Pigeon wrote:
> >
> > On the modem box I do
> > echo 1 > /proc/sys/net/ipv4/ip_forward
> > ipchains -A forward -s 192.168.1.1/32 -d 0.0.0.0/0 -j ACCEPT -b
> > ipchains -P forward ACCEPT
> > pon ukonline
> > ping 195.40.1.36 (this is a ukonline DNS server)
> > ... and it works.
> >
> > I go back to the main box and try and ping the same address, and
> > nothing happens.
> >
>
> I'm no expert on ipchains (I've only used iptables), but don't you need
> to do something for IP Masquerading? In other words, how would the
> modem box know how to send the response to the ping back to the "rear"
> box? Someone please correct me if I'm wrong.
I thought that was what the -b ("bidirectional") option did. But never
mind. I think the document I was reading was a bit out of date. I
found a more recent one that spoke in terms of iptables, and that
works, so that's what I'm using now.
> I've appended the script I used for doing this sort of thing using
> iptables. Note the lines involving 'nat'.
>
> It's a shame doing this sort of thing is a bit of a black art (best I
> can recall I cobbled this together using someone else's script on the
> 'Net), but you're getting a router for free, so you can't complain too
> much! :-)
Thanks for that. It is much easier to understand something by having a
"recipe" that works, looking up the options used to see what they do,
and thus arriving at some picture of what's going on, than by looking
at the same man pages with no picture of what goes on, which is a bit
like trying to assemble one jigsaw out of a bag containing the bits of
several jigsaws, all different but with similar pictures.
Thanks,
Pigeon
Reply to: