On Tue, Dec 02, 2003 at 03:48:29PM +0100, Kurt Richter wrote:
> Here the outputs:
>
> [root@kurt root]# iptables -L
> Chain INPUT (policy ACCEPT)

*snip*

Ah, you might have to set up the nat table, too. Try this (here's the output from mine for you, too):

[root@tron root]# iptables -v -L -t nat
Chain PREROUTING (policy ACCEPT 30078 packets, 3244K bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain POSTROUTING (policy ACCEPT 352 packets, 59478 bytes)
 pkts bytes target     prot opt in     out     source               destination
15895  915K MASQUERADE  all  --  any    ppp+    anywhere             anywhere

Chain OUTPUT (policy ACCEPT 1652 packets, 160K bytes)
 pkts bytes target     prot opt in     out     source               destination

See the POSTROUTING NAT rule? That should allow outgoing packets to be mangled correctly.

> [root@kurt root]# route -n
> Kernel IP Routentabelle
> Ziel            Router          Genmask         Flags Metric Ref    Use Iface
> 217.5.98.177    0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
> 192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
> 169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
> 127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
> 0.0.0.0         217.5.98.177    0.0.0.0         UG    0      0        0 ppp0

You should drop the 169.254.0.0 route. That's for DHCP machines that have not been assigned an IP address. Either manually configure those machines with an IP address, or set up a DHCP server on your LAN.

On Tue, Dec 02, 2003 at 11:47:00AM -0500, Jay Daniels wrote:
> If you are using ppp, would not the firewall/packet-forwarding have to
> be started after ppp0 is up since ppp0 is your inet interface and it
> does not exist during boot up?

Nope. You can specify forwarding rules and such by interface, even if the interface is not up yet, if you use the plus notation. Have a look at my nat rules above, you'll see one that says the output is ppp+, which means "any ppp interface".

> Hey, since you changed net.ipv4.ip_forward =1 did you restart network?
> service network restart

Hmmmm, I don't think it's necessary, but it certainly can't do any harm. What I did miss out, however, is how to reload the sysctl.conf file:

    sysctl -e -p

Regards, Msquared...

--
Shrike-list mailing list
Shrike-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/shrike-list
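
Added example, not part of the original message or of any poster's own scripts: a check that reads `iptables -v -L -t nat` output and reports whether a POSTROUTING MASQUERADE rule covers a given outbound interface, honouring the "ppp+" plus notation described in the reply. The function names are hypothetical, and the sample listing is constructed from the output quoted in the message.

```shell
#!/bin/sh
# iface_matches PATTERN IFACE
# iptables treats a trailing "+" as a wildcard: "ppp+" matches ppp0, ppp1, ...
# "any" is how -L prints a rule with no interface restriction.
iface_matches() {
    case "$1" in
        any) return 0 ;;
        *+)  prefix=${1%+}
             case "$2" in "$prefix"*) return 0 ;; esac
             return 1 ;;
        *)   [ "$1" = "$2" ] ;;
    esac
}

# masq_out_ifaces: read the listing on stdin and print the "out" column
# (field 7 in -v output) of every MASQUERADE rule in the POSTROUTING chain.
masq_out_ifaces() {
    awk '
        /^Chain / { chain = $2; next }
        chain == "POSTROUTING" && $3 == "MASQUERADE" { print $7 }
    '
}

# has_masquerade IFACE: exit 0 if some POSTROUTING MASQUERADE rule covers IFACE.
has_masquerade() {
    for pat in $(masq_out_ifaces); do
        iface_matches "$pat" "$1" && return 0
    done
    return 1
}

# Constructed sample, taken from the listing quoted in the message above.
SAMPLE='Chain PREROUTING (policy ACCEPT 30078 packets, 3244K bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain POSTROUTING (policy ACCEPT 352 packets, 59478 bytes)
 pkts bytes target     prot opt in     out     source               destination
15895  915K MASQUERADE  all  --  any    ppp+    anywhere             anywhere
'

printf '%s\n' "$SAMPLE" | has_masquerade ppp0 && echo "ppp0: masquerade rule present"
```

On a live gateway, pipe the real listing in instead of the sample: `iptables -v -L -t nat | has_masquerade ppp0`.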