John covici wrote:
> Hi.  I have a system with two network cards -- eth0 is a public ip
> address and eth1 is on an internal network.  Now I have all the packet
> forwards enabled, and there is a route from eth1 to the internal
> network, but if a computer on the internal network sets his gateway to
> the box, he can't traceroute past the box to the internet.  There
> are no iptable rules yet.
>
> Here is the routing table as produced by route.
> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> 64.183.125.208  *               255.255.255.248 U     0      0        0 eth0
> 192.168.1.0     *               255.255.255.0   U     0      0        0 eth1
> 169.254.0.0     *               255.255.0.0     U     0      0        0 eth0
> default         rrcs-64-183-125 0.0.0.0         UG    0      0        0 eth0
>
>
> What am I doing wrong here?
>
> Any assistance would be appreciated.
>

Two things spring to mind.

1. What result do you get from "cat /proc/sys/net/ipv4/ip_forward"? If it's zero then you haven't got forwarding enabled.

2. Even if it is enabled, stuff on the LAN will head out to the big wide world with a 192.168.1.x address on it and get eaten by any properly-configured router outside.

To fix the first one, just "echo 1 > /proc/sys/net/ipv4/ip_forward" to enable forwarding.

To fix the second one, you'll need a bunch of iptables rules to set up NAT so all outbound traffic goes out using your public IP.

-- 
Dave
http://www.llondel.org
So many gadgets, so little time

_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
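
The two checks from the reply above, as an added example that is not part of the original message: a small diagnostic that reports whether forwarding is on and whether a source-NAT rule covers the WAN interface, and prints the fix for whichever is missing. The interface names and LAN prefix come from the thread; the function names, the sample rule dump and the choice of a single MASQUERADE rule as the NAT fix are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: diagnose the two causes named in the reply on a dual-homed
# Linux router. eth0/eth1 and 192.168.1.0/24 are taken from the thread;
# function names and sample data are constructed for this illustration.

WAN_IF=eth0
LAN_NET=192.168.1.0/24

# forwarding_enabled VALUE -> succeeds if the kernel routes between interfaces
forwarding_enabled() {
    [ "$1" = "1" ]
}

# has_source_nat RULES IFACE -> succeeds if a nat/POSTROUTING rule rewrites the
# source address of packets leaving IFACE (MASQUERADE or SNAT target).
has_source_nat() {
    printf '%s\n' "$1" |
        grep -Eq -- "^-A POSTROUTING .*-o $2 .*-j (MASQUERADE|SNAT)"
}

# diagnose IP_FORWARD NAT_RULES -> one finding per line, with the fix if needed
diagnose() {
    if forwarding_enabled "$1"; then
        echo "forwarding: ok"
    else
        echo "forwarding: off -> echo 1 > /proc/sys/net/ipv4/ip_forward"
    fi
    if has_source_nat "$2" "$WAN_IF"; then
        echo "nat: ok"
    else
        echo "nat: missing -> iptables -t nat -A POSTROUTING -s $LAN_NET -o $WAN_IF -j MASQUERADE"
    fi
}

# Constructed sample: the nat table as iptables-save prints it with no rules
SAMPLE_EMPTY='*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT'

# On a live router, run as root and pass the real state instead:
#   diagnose "$(cat /proc/sys/net/ipv4/ip_forward)" "$(iptables-save -t nat)"
diagnose 0 "$SAMPLE_EMPTY"
```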