simple nat firewall

Linux Advanced Routing and Traffic Control

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Before I even worry about a firewall I'm trying to get routing to happen 
between the 2 NICs in the machine I'm going to use for this.

My table looks like this:

fw1 root # ip route show
127.0.0.1 dev lo  scope link
64.xx.xx.48/29 dev eth0  proto kernel  scope link  src 64.xx.xx.54
192.168.0.0/24 dev eth1  proto kernel  scope link  src 192.168.0.1
default via 64.xx.xx.49 dev eth0
fw1 root #

The main table looks like this:

fw1 root # ip route list table main
127.0.0.1 dev lo  scope link
64.xx.xx.48/29 dev eth0  proto kernel  scope link  src 64.xx.xx.54
192.168.0.0/24 dev eth1  proto kernel  scope link  src 192.168.0.1
default via 64.xx.xx.49 dev eth0
fw1 root #

I have to admit that I'm WAY out of practice in routing but I know I'm missing 
something real simple here. As you can see I have a block of 5 IPs that are 
statically assigned to me and I'm trying to use just 1, .54, that I'll NAT the 
internal network to. Both interfaces on the router machine are working as I 
can SSH into both IPs (using 2 other systems, each on the same network as 
each of the router's interfaces).

When I try to ping through the private interface to the outside world I get no 
response and on the 3rd ping I get a report on the screen from 192.168.0.1 
that the destination address is unreachable.

I've looked at and studied the webpage 
http://www.tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.rpdb.simple.html but I'm 
not that familiar with iptables. I was using ipchains a few years back to 
build a router before and I got it working. It's been over a year since I 
touched any routing anything so I was hoping someone might help me out here 
and tell me where I'm going wrong.

It's odd but I can look at those tables and see something wrong but I can't 
quite put my finger on it. :(

Please help. Thanks.
Robert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE9QdoCOWbzte5wVEURApnmAJ4/yUR5mGWrqBwqPt59MIiIjd3+mgCeLy7D
RpMKjAiyLnNUYOkjSL+W+Qk=
=bxee
-----END PGP SIGNATURE-----
