on Sunday 01/28/2007 David Hough(lists@xxxxxxxxxxx) wrote
> John covici wrote:
> > Hi. I have a system with two network cards -- eth0 is a public ip
> > address and eth1 is on an internal network. Now I have all the packet
> > forwards enabled, and there is a route from eth1 to the internal
> > network, but if a computer on the internal network sets his gateway to
> > the box, he can't traceroute past the box to the internet. There
> > are no iptable rules yet.
> >
> > Here is the routing table as produced by route.
> > Destination     Gateway          Genmask          Flags Metric Ref Use Iface
> > 64.183.125.208  *                255.255.255.248  U     0      0   0   eth0
> > 192.168.1.0     *                255.255.255.0    U     0      0   0   eth1
> > 169.254.0.0     *                255.255.0.0      U     0      0   0   eth0
> > default         rrcs-64-183-125  0.0.0.0          UG    0      0   0   eth0
> >
> >
> > What am I doing wrong here?
> >
> > Any assistance would be appreciated.
> >
> Two things spring to mind.
>
> 1. What result do you get from "cat /proc/sys/net/ipv4/ip_forward"? If
> it's zero then you haven't got forwarding enabled.
>
> 2. Even if it is enabled, stuff on the LAN will head out to the big wide
> world with a 192.168.1.x address on it and get eaten by any
> properly-configured router outside.
>
> To fix the first one, just "echo 1 > /proc/sys/net/ipv4/ip_forward" to
> enable forwarding.
>
> To fix the second one, you'll need a bunch of iptables rules to set up
> NAT so all outbound traffic goes out using your public IP.
> --
> Dave
> http://www.llondel.org
> So many gadgets, so little time
> _______________________________________________
> LARTC mailing list
> LARTC@xxxxxxxxxxxxxxx
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

--
Your life is like a penny. You're going to lose it. The question is:
How do you spend it?

John Covici
covici@xxxxxxxxxxxxxx
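
The two checks from the quoted reply, written as a small diagnostic; this is an added example, not part of the original thread. The function names, the file-based inputs (a saved copy of `ip_forward` and of `iptables -t nat -S` output) and the choice of MASQUERADE as the NAT target are assumptions; `eth0` and `192.168.1.0/24` come from the routing table in the message.

```shell
#!/bin/sh
# Added example (not from the thread). Checks the two conditions the reply
# names, reading saved copies of the kernel flag and the NAT table so it
# can run offline. MASQUERADE is an assumed choice of NAT target.

# Succeeds (0) if the given ip_forward file contains 1.
forwarding_enabled() {
    [ "$(tr -d '[:space:]' < "$1")" = "1" ]
}

# Succeeds (0) if the `iptables -t nat -S` dump in $1 has a POSTROUTING
# rule that rewrites the source of traffic leaving interface $2.
nat_rule_present() {
    grep -Eq -- "^-A POSTROUTING (.* )?-o $2( .*)? -j (MASQUERADE|SNAT)" "$1"
}

# Args: ip_forward file, nat dump, outbound interface, LAN prefix.
# Prints one line per check; returns 1 if either check fails.
diagnose() {
    status=0
    if forwarding_enabled "$1"; then
        echo "ok: forwarding enabled"
    else
        echo "fix: echo 1 > /proc/sys/net/ipv4/ip_forward"
        status=1
    fi
    if nat_rule_present "$2" "$3"; then
        echo "ok: source NAT rule present on $3"
    else
        echo "fix: iptables -t nat -A POSTROUTING -s $4 -o $3 -j MASQUERADE"
        status=1
    fi
    return "$status"
}

# Constructed sample state: forwarding off and an empty nat table,
# matching "There are no iptable rules yet" in the original question.
demo() {
    dir=$(mktemp -d)
    printf '0\n' > "$dir/ip_forward"
    printf '%s\n' '-P PREROUTING ACCEPT' '-P POSTROUTING ACCEPT' > "$dir/nat"
    diagnose "$dir/ip_forward" "$dir/nat" eth0 192.168.1.0/24 || true
    rm -rf "$dir"
}
demo
```

On a live gateway, pass `/proc/sys/net/ipv4/ip_forward` and a file produced by `iptables -t nat -S` as the first two arguments to `diagnose`.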