On Wednesday 18 June 2003 14:59, Oeystein Olsen wrote: > On Wednesday 18 June 2003 14:22, Galea Gilbert wrote: > > thanks a lot Pavel. I had done the echo 1 > /proc/sys/net/ipv4/ip_forward > > now I added the sysctl.conf as you told me and restarted the network > > service > > > > I realised that once I did service network stop it said > > "Disabling IPv4 packet forwarding" so it was working however I still > > cannot ping from a machine behind the router to a machine on the other > > side (as in diag from subnet 1 to subnet 2) > > > > Laptop ---------- Router ----------- Laptop > > (dot 1) (dot 2) > > > > can it be that i have some firewalling enabled without me knowing? > > You also have to tell the kernel that it should forward packets between the > two interfaces. If the interfaces are eth0 and eth1 try the commands > > /sbin/iptables -A FORWARD -i eth0 -j ACCEPT > /sbin/iptables -A FORWARD -i eth1 -j ACCEPT > /sbin/iptables -A FORWARD -m --state ESTABLISHED,RELATED -j ACCEPT > > This assumes that you trust the traffic from both interfaces. On my machine > I only have 1st and 3rd line. If this doesn't work, I can send you the > script I use to generate firewalls and take care of routing. I'm sorry, I pushed enter a bit to early, you need a few more rules. Anyway, my setup basically should work like it's shown here: http://www.lystor.liu.se/~torkel/computer/linux/netfilter_masquerading.html Try that first. -- Øystein Olsen, oystein.olsen@xxxxxxxxxxxx, http://folk.uio.no/oeysteio Institute of Theoretical Astrophysics, http://www.astro.uio.no University of Oslo, Norway
