LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices



Reply
 
Search this Thread
Old 12-04-2005, 10:50 AM   #1
aaf
LQ Newbie
 
Registered: Dec 2005
Location: Scotland
Distribution: Ubuntu & Debian
Posts: 12

Rep: Reputation: 0
Crossover Connection to Rio Karma on second NIC


Hi,

I have a Rio Karma music player which can use ethernet to connect to my computer. It has issues when plugged directly into my network so up till now I have had to unplug my normal network cable and hook up the Karma via a crossover cable every time I want to connect to it. The Karma is currently configured with 192.168.0.10 netmask 255.255.255.0 and running the following on my PC sets up the connection nicely.

>ifconfig eth0 down
>ifconfig eth0 192.168.0.2 netmask 255.255.255.0 up

This palava is a real pain to do on a regular basis, so I thought I'd install a second NIC card I had lying around so that I can hook it up without having to disconnect from my network.

I haven't been able to get it to work though and I'm not sure what I should be doing in terms of netmasks and IPs. On my network my PC has the IP 192.168.0.90 netmask 255.255.255.0. What IPs should I use for setting up the crossover connection on eth1 to the Karma.

Any help much appreciated!
 
Old 12-04-2005, 12:33 PM   #2
Brian1
Guru
 
Registered: Jan 2003
Location: Seymour, Indiana
Distribution: Distribution: RHEL 5 with Pieces of this and that. Kernel 2.6.23.1, KDE 3.5.8 and KDE 4.0 beta, Plu
Posts: 5,700

Rep: Reputation: 61
Would seem odd that if using a regular network cable connect to a switch that it would not work. Using a crossover to a single machine works fine. Very odd.

Did not say which distro using but this is a basic idea.
1. Leave the eth0 to work normally.
2. using the second nic as eth1 set it up like you did as if it was eth0
3. Now use only one network interface at a time.
bring eth1 down and eth0 up for normal network use.
bring eth0 down and then eth1 for karma connection.

Hope this works
Brian
 
Old 12-04-2005, 05:32 PM   #3
aaf
LQ Newbie
 
Registered: Dec 2005
Location: Scotland
Distribution: Ubuntu & Debian
Posts: 12

Original Poster
Rep: Reputation: 0
Hi,

I was hoping to be able to have both networks up at once, but I've adopted your idea and it works quite well. At least I don't have to unplug things.
Apparently the Karma has known timing issues with its ethernet connection that often cause problems and apparently (I've certainly found this) the crossover connection works a lot more reliably.
Its Fedora Core 4 I'm using.

Thanks!

Last edited by aaf; 12-04-2005 at 05:43 PM.
 
Old 12-04-2005, 05:40 PM   #4
michaelk
Moderator
 
Registered: Aug 2002
Posts: 12,152

Rep: Reputation: 783Reputation: 783Reputation: 783Reputation: 783Reputation: 783Reputation: 783Reputation: 783
If your network is 192.168.0.xxx then configure your second network IP address to another subnet like 192.168.1.xxx. Be sure to change the music player to match the IP address.
 
Old 12-05-2005, 07:43 PM   #5
Brian1
Guru
 
Registered: Jan 2003
Location: Seymour, Indiana
Distribution: Distribution: RHEL 5 with Pieces of this and that. Kernel 2.6.23.1, KDE 3.5.8 and KDE 4.0 beta, Plu
Posts: 5,700

Rep: Reputation: 61
Michealk has a good idea. Only issue is not to define a gateway on eth1.


All of this below may be overkill but it is the way I would try it off the bat. The basics is masquerading the addtional nics and forwarding data to eth1 to a define IP.

Not sure how well this will work but you might use the script below to allow connection of the karma on eth1 at IP 192.168.1.10. To access it use the IP address of 192.168.0.10. With the script below it forwards all traffic to IP 192.168.0.10 to 192.168.1.10. So to access the Karma device use the IP of 192.168.0.10. It is defined at the bottom of the script. I know most of this is overkill but should work well. It is a basic firewall masquerade script using iptables. I modified the script to match the way I defined your IP setup. Modify if needed.


First we need to define a few things.

1. There will be two IPs defined to eth0. One is your regular IP on eth0 as 192.168.0.2, subnet 255.255.255.0, gateway 192.168.0.1 (Note this is a guess at the routers IP you are using, change if needed). The second is a virtual alias IP of 192.168.0.10 as eth0:0.
2. IP for eth1 will be 192.168.1.1, Subnet 255.255.255.0, and NO gateway will be defined here.

Summed up
eth0 IP 192.168.0.2, subnet 255.255.255.0, gateway 192.168.0.1
eth0:0 IP 192.168.0.10, subnet 255.255.255.0
eth1 IP 192.168.1.1, subnet 255.255.255.0
karma IP 192.168.1.10, subnet 255.255.255.0, gateway 192.168.1.1

Create eth0 and eth1 as normal minus no gateway on eth1. eth0:0 is just the same as eth0 or eth1.

I would do it like this:

/sbin/ifconfig lo 127.0.0.1
/sbin/ifconfig eth0 up
/sbin/ifconfig eth0 192.168.0.2
/sbin/ifconfig eth0:0 192.168.0.10

Run the command ' /sbin/ifconfig ' to show all nic interfaces.

Setup the routes. First route the loopback, then the net, and finally, the various IP addresses starting with the default (originally allocated) one:

/sbin/route add -net 127.0.0.0
/sbin/route add -net 192.168.0.0 dev eth0
/sbin/route add -host 192.168.0.2 dev eth0
/sbin/route add -host 192.168.0.10 dev eth0:0
/sbin/route add default gw 192.168.0.1

Run the command ' /sbin/route -v ' to show routing table.

Script: call it say /etc/karma.sh (Note the script needs to be executable after created. Use the command ' chmod +x /etc/karma.sh '.). Cut and paste the contents in the code box to a file called karma.sh, save and exit, and make it executable. To run it use the command ' ./karma.sh '
Code:
#!/bin/sh
#
# rc.firewall - Initial SIMPLE IP Firewall script for Linux 2.4.x and iptables
#
# Copyright (C) 2001  Oskar Andreasson <blueflux@koffein.net>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; version 2 of the License.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program or from the site that you downloaded it
# from; if not, write to the Free Software Foundation, Inc., 59 Temple
# Place, Suite 330, Boston, MA  02111-1307   USA
#

###########################################################################
#
# 1. Configuration options.
#

###########################################################################
#
# Local Area Network configuration.
#
# your LAN's IP range and localhost IP. /24 means to only use the first 24 
# bits of the 32 bit IP adress. the same as netmask 255.255.255.0
#

LAN_IP="192.168.1.1"
LAN_IP_RANGE="192.168.1.0/24"
LAN_BCAST_ADRESS="192.168.1.255"
LAN_IFACE="eth1"

###########################################################################
#
# Localhost Configuration.
#

LO_IFACE="lo"
LO_IP="127.0.0.1"

###########################################################################
#
# Internet Configuration. eth0 IP
#

INET_IP="192.168.0.2"
INET_IFACE="eth0"

###########################################################################
#
# IPTables Configuration.
#

IPTABLES="/usr/sbin/iptables"

###########################################################################
#
# 2. Module loading.
#

#
# Needed to initially load modules
#
/sbin/depmod -a

#
# Adds some iptables targets like LOG, REJECT and MASQUARADE.
#
/sbin/modprobe ip_conntrack
/sbin/modprobe ip_tables
/sbin/modprobe iptable_filter
/sbin/modprobe iptable_mangle
/sbin/modprobe iptable_nat
/sbin/modprobe ipt_LOG
#/sbin/modprobe ipt_REJECT
#/sbin/modprobe ipt_MASQUERADE

#
# Support for owner matching
#
#/sbin/modprobe ipt_owner

#
# Support for connection tracking of FTP and IRC.
#
#/sbin/modprobe ip_conntrack_ftp
#/sbin/modprobe ip_conntrack_irc


###########################################################################
#
# 3. /proc set up.
#
# Enable ip_forward if you have two or more networks, including the
# Internet, that needs forwarding of packets through this box. This is
# critical since it is turned off as default in Linux.
#

echo "1" > /proc/sys/net/ipv4/ip_forward

#
# Dynamic IP users:
#
#echo "1" > /proc/sys/net/ipv4/ip_dynaddr

###########################################################################
#
# 4. IPTables rules set up.
#
# Set default policies for the INPUT, FORWARD and OUTPUT chains.
#

$IPTABLES -P INPUT DROP
$IPTABLES -P OUTPUT DROP
$IPTABLES -P FORWARD DROP

#
# bad_tcp_packets chain
#
# Take care of bad TCP packets that we don't want.
#

$IPTABLES -N bad_tcp_packets
$IPTABLES -A bad_tcp_packets -p tcp ! --syn -m state --state NEW -j LOG \
--log-prefix "New not syn:"
$IPTABLES -A bad_tcp_packets -p tcp ! --syn -m state --state NEW -j DROP

#
# Do some checks for obviously spoofed IP's
#

$IPTABLES -A bad_tcp_packets -i $INET_IFACE -s 192.168.0.0/16 -j DROP
$IPTABLES -A bad_tcp_packets -i $INET_IFACE -s 10.0.0.0/8 -j DROP
$IPTABLES -A bad_tcp_packets -i $INET_IFACE -s 172.16.0.0/12 -j DROP

#
# Enable simple IP Forwarding and Network Address Translation
#

$IPTABLES -t nat -A POSTROUTING -o $INET_IFACE -j SNAT --to-source $INET_IP

#
# Bad TCP packets we don't want
#

$IPTABLES -A FORWARD -p tcp -j bad_tcp_packets

#
# Accept the packets we actually want to forward
#

$IPTABLES -A FORWARD -i $LAN_IFACE -j ACCEPT
$IPTABLES -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -m limit --limit 3/minute --limit-burst 3 -j LOG \
--log-level DEBUG --log-prefix "IPT FORWARD packet died: "

#
# Create separate chains for ICMP, TCP and UDP to traverse
#

$IPTABLES -N icmp_packets
$IPTABLES -N tcp_packets
$IPTABLES -N udpincoming_packets

#
# The allowed chain for TCP connections
#

$IPTABLES -N allowed
$IPTABLES -A allowed -p TCP --syn -j ACCEPT
$IPTABLES -A allowed -p TCP -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A allowed -p TCP -j DROP

#
# ICMP rules
#

# Changed rules totally
$IPTABLES -A icmp_packets -p ICMP -s 0/0 --icmp-type 8 -j ACCEPT
$IPTABLES -A icmp_packets -p ICMP -s 0/0 --icmp-type 11 -j ACCEPT

#
# TCP rules
#

$IPTABLES -A tcp_packets -p TCP -s 0/0 --dport 21 -j allowed
$IPTABLES -A tcp_packets -p TCP -s 0/0 --dport 22 -j allowed
$IPTABLES -A tcp_packets -p TCP -s 0/0 --dport 80 -j allowed
$IPTABLES -A tcp_packets -p TCP -s 0/0 --dport 113 -j allowed

#
# UDP ports
#

# nondocumented commenting out of these rules
#$IPTABLES -A udpincoming_packets -p UDP -s 0/0 --source-port 53 -j ACCEPT
#$IPTABLES -A udpincoming_packets -p UDP -s 0/0 --source-port 123 -j ACCEPT
$IPTABLES -A udpincoming_packets -p UDP -s 0/0 --source-port 2074 -j ACCEPT
$IPTABLES -A udpincoming_packets -p UDP -s 0/0 --source-port 4000 -j ACCEPT

##########################
# INPUT chain
#
# Bad TCP packets we don't want.
#

$IPTABLES -A INPUT -p tcp -j bad_tcp_packets

#
# Rules for incoming packets from the internet.
#

$IPTABLES -A INPUT -p ICMP -i $INET_IFACE -j icmp_packets
$IPTABLES -A INPUT -p TCP -i $INET_IFACE -j tcp_packets
$IPTABLES -A INPUT -p UDP -i $INET_IFACE -j udpincoming_packets

#
# Rules for special networks not part of the Internet
#

$IPTABLES -A INPUT -p ALL -i $LAN_IFACE -d $LAN_BCAST_ADRESS -j ACCEPT
$IPTABLES -A INPUT -p ALL -i $LO_IFACE -s $LO_IP -j ACCEPT
$IPTABLES -A INPUT -p ALL -i $LO_IFACE -s $LAN_IP -j ACCEPT
$IPTABLES -A INPUT -p ALL -i $LO_IFACE -s $INET_IP -j ACCEPT
$IPTABLES -A INPUT -p ALL -i $LAN_IFACE -s $LAN_IP_RANGE -j ACCEPT
$IPTABLES -A INPUT -p ALL -d $INET_IP -m state --state ESTABLISHED,RELATED \
-j ACCEPT
$IPTABLES -A INPUT -m limit --limit 3/minute --limit-burst 3 -j LOG \
--log-level DEBUG --log-prefix "IPT INPUT packet died: "

###############################
# OUTPUT chain
#
#
# Bad TCP packets we don't want.
#

$IPTABLES -A OUTPUT -p tcp -j bad_tcp_packets

#
# Special OUTPUT rules to decide which IP's to allow.
#

$IPTABLES -A OUTPUT -p ALL -s $LO_IP -j ACCEPT
$IPTABLES -A OUTPUT -p ALL -s $LAN_IP -j ACCEPT
$IPTABLES -A OUTPUT -p ALL -s $INET_IP -j ACCEPT

#
# Log weird packets that don't match the above.
#

$IPTABLES -A OUTPUT -m limit --limit 3/minute --limit-burst 3 -j LOG \
--log-level DEBUG --log-prefix "IPT OUTPUT packet died: "



## Destination NAT -- (DNAT) Defined karma for karma

$IPTABLES -t nat -A PREROUTING -d 192.168.0.10 -j DNAT --to-destination 192.168.1.10

##EOF##
Hope this helps, also hope I did not miss anything. Let me know how it goes.
Brian
 
Old 12-15-2005, 08:37 AM   #6
aaf
LQ Newbie
 
Registered: Dec 2005
Location: Scotland
Distribution: Ubuntu & Debian
Posts: 12

Original Poster
Rep: Reputation: 0
Thanks for that fantastic reply, I'm sorry I didn't notice it earlier.
I'll certainly give it a try when I get the chance.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
howto: crossover connection between two linux machines? anGeR Linux - Networking 18 07-24-2013 12:23 AM
internet connection sharing between two computers using crossover cable farnell_mark Debian 1 06-04-2005 05:44 PM
Sharing internet connection between Slackware and XP via crossover cable islord Linux - Networking 3 01-24-2005 11:38 AM
problem sharing internet connection thru crossover network kozonak Linux - Newbie 3 03-09-2004 05:39 AM
Slackware 9, Windows XP, crossover cable and an internet connection dxdad Linux - Networking 37 11-11-2003 09:45 PM


All times are GMT -5. The time now is 09:51 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration