LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 02-03-2004, 09:26 PM   #1
rude_reality
Member
 
Registered: Feb 2004
Location: Gainesville, Fl
Distribution: Debian 6
Posts: 40

Rep: Reputation: 15
Angry Can't get my slackware router box to work


I finally saved the money to build myself linux box. it contains the following:

566 mhz
128 megs ram
2 network card (eth0 = 192.168.0.1- lan, eth1 = 192.168.1.2 - internet)
slackware 9.1 ( no xwindows and xwindows applications install)
7 megs of hard drive space ( 3 gigs for /, 1 and half gigs for /home, and 500 megs for swip


I been trying to connect my wife's computer (WINxp) through my linux box for a week now. I read the forums and tried the suggestion, but nothing work. I even tried firewall-jay.

oh, my wife ip address is 192.168.0.2 and my dsl modem assign the address to eth1.
 
Old 02-04-2004, 03:33 AM   #2
countcobolt
LQ Newbie
 
Registered: Nov 2002
Location: Belgium
Distribution: Slackware
Posts: 25

Rep: Reputation: 15
INT=eth1
EXT=eth0
iptables -A INPUT -i INT -s 192.168.0.2 -j ACCEPT
iptables -A OUTPUT-o INT -d 192.168.0.2 -j ACCEPT
iptables -A -t nat POSTROUTING -s 192.168.0.2 -j MASQUERADE


this should do the trick
grtz
Steve
 
Old 02-04-2004, 12:17 PM   #3
rude_reality
Member
 
Registered: Feb 2004
Location: Gainesville, Fl
Distribution: Debian 6
Posts: 40

Original Poster
Rep: Reputation: 15
Quote:
Originally posted by countcobolt
INT=eth1
EXT=eth0
iptables -A INPUT -i INT -s 192.168.0.2 -j ACCEPT
iptables -A OUTPUT-o INT -d 192.168.0.2 -j ACCEPT
iptables -A -t nat POSTROUTING -s 192.168.0.2 -j MASQUERADE


this should do the trick
grtz
Steve

the last iptables come up with an error - something about nat is bad
 
Old 02-04-2004, 12:50 PM   #4
natalinasmpf
Member
 
Registered: Dec 2003
Distribution: Slackware 9.1
Posts: 309

Rep: Reputation: 30
Perhaps you need to modprobe to load the modules? It works fine for me!

A certain script generator you can use as well: http://iptables-script.dk/


This helps, which you can edit, well, because you certainly don't want a WAN to gain unprecendented access to your network, so you need Linux as the firewall, since installing Norton firewalls on XP will mess up the internet connection, for example.

You need to forward, etc. as well, also what kernel do you have?

This is mine which I configured from the script generator:

Code:
#!/bin/sh

# iptables script generator: V0.1-2002
# Comes with no warranty!
# e-mail: michael@1go.dk

# Disable forwarding
echo 0 > /proc/sys/net/ipv4/ip_forward

source /etc/dhcpc/dhcpcd-eth0.info

LAN_IP_NET='192.168.0.1/24'
LAN_NIC='eth1'
WAN_IP=$IPADDR
WAN_NIC='eth0'
FORWARD_IP='192.168.0.99 '

# load some modules (if needed)
modprobe ip_nat_ftp
modprobe ip_conntrack_ftp

# Flush
iptables -t nat -F POSTROUTING
iptables -t nat -F PREROUTING
iptables -t nat -F OUTPUT
iptables -F

#START FIREWALL (remove the following 3 lines for none) 

iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT

# enable Masquerade and forwarding
iptables -t nat -A POSTROUTING -s $LAN_IP_NET -j MASQUERADE
iptables -A FORWARD -j ACCEPT -i $LAN_NIC -s $LAN_IP_NET
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

### BEGIN FIREWALL RULES#
# Open ports on router for server/services
iptables -A INPUT -j ACCEPT -p tcp --dport 80
iptables -A INPUT -j ACCEPT -p tcp --dport 21
iptables -A INPUT -j ACCEPT -p tcp --dport 110
iptables -A INPUT -j ACCEPT -p tcp --dport 25
iptables -A INPUT -j ACCEPT -p tcp --dport 22
iptables -A INPUT -j ACCEPT -p tcp --dport 6667
iptables -A INPUT -j ACCEPT -p tcp --dport 33047
iptables -A INPUT -j ACCEPT -p tcp --dport 33048

#bzflag
iptables -A INPUT -j ACCEPT -p udp --dport 42000:43000

#cossacks
iptables -A INPUT -j ACCEPT -p tcp --dport 2300:2400
iptables -A INPUT -j ACCEPT -p udp --dport 2300:2400
iptables -A INPUT -j ACCEPT -p tcp --dport 47624
iptables -A INPUT -j ACCEPT -p tcp --dport 3783
iptables -A INPUT -j ACCEPT -p tcp --dport 27900
iptables -A INPUT -j ACCEPT -p tcp --dport 28900
iptables -A INPUT -j ACCEPT -p tcp --dport 29900
iptables -A INPUT -j ACCEPT -p tcp --dport 29901
iptables -A INPUT -j ACCEPT -p tcp --dport 13139

### END FIREWALL RULES 

# STATE RELATED for router
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# Open ports to server on LAN
iptables -A FORWARD -j ACCEPT -p tcp --dport 80
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to 192.168.0.99
iptables -A FORWARD -j ACCEPT -p tcp --dport 21
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 21 -j DNAT --to 192.168.0.99
iptables -A FORWARD -j ACCEPT -p tcp --dport 22
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 22 -j DNAT --to 192.168.0.99
iptables -A FORWARD -j ACCEPT -p tcp --dport 25
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 25 -j DNAT --to 192.168.0.99
iptables -A FORWARD -j ACCEPT -p tcp --dport 110
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 110 -j DNAT --to 192.168.0.99



# Enable forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
I got a free network card the last time I switched subscribers. Heck, magically, my wireless card (which is actually a second router) works too! (After my kernel upgrade).

The source command in my script is to load the variables for the DHCP IP as well, which becomes the WAN IP. For the firewall you may have to do some

Or you can take the risk and accept everything if you want, or write an autoconfig script for such games when it is called, for example (I can elaborate later). Slackware is known for its scripts no? Just link this to init.

Last edited by natalinasmpf; 02-04-2004 at 12:52 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Inetrnet connection sharing between a Slackware box and windows box planetsheinker Slackware 10 09-23-2006 11:53 PM
Connect to work box from home box slackist Linux - Networking 4 09-18-2004 05:34 AM
DHCP server problems -- can't get my box to work as a router KingofBLASH Linux - Networking 1 03-21-2004 06:19 AM
2.6.1 Kernel Doesn't work well on my Slackware 9.1 box Luantum Linux - General 1 02-03-2004 11:34 PM
Can ping box to box thru router - good sign? toastermaker Linux - Networking 15 12-07-2003 12:00 AM


All times are GMT -5. The time now is 06:39 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration