Gateway problems on Fedora C6
I am attempting to set up a small network.
I am going to use a server running Fedora C6 as the gateway to the network.

On the gateway (Fedora system) eth0 is connected to the internet and has an IP 24.15.150.243. eth1 is connected to the internal network and has an IP of 10.10.10.1. The gateway is providing DHCP to the internal network and will provide an IP of 10.10.10.100 to the one system now on the network.

The gateway (Fedora system) can ping both the internet and the internal network with no problems. However, the internal network system can only ping 10.10.10.1 and 24.15.150.243 (the gateway), no other systems.

What I seem to be missing is a connection between the two ethernet cards so that when something comes in on 10.10.10.1 it can pass out to the internet through 24.15.150.243.

Any help you could provide would be greatly appreciated.

Sam Watson
You would need to add something like this to your boot scripts:
Code:
iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
Closer but still can't get out
Previously I had entered
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
and
echo "1" >/proc/sys/net/ipv4/ip_forward

So I checked /proc/sys/net/ipv4/ip_forward and it did have a 1 in it. I restored my iptables with iptables-restore to the original and I entered your commands since they were slightly different. I am still not getting out to the internet from the networked system.

Here is a copy of my iptable if it will help: (I changed the spacing so it would fit better)

Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere

Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain RH-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp any
ACCEPT esp -- anywhere anywhere
ACCEPT ah -- anywhere anywhere
ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns
ACCEPT udp -- anywhere anywhere udp dpt:ipp
ACCEPT tcp -- anywhere anywhere tcp dpt:ipp
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ftp
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:http
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited

Thanks
Sam
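Added example, not part of the thread: a plain "iptables -L" listing like the one above shows only the filter table and hides interface matches, so this sketch checks an iptables-save dump instead, for the MASQUERADE rule and for what happens to forwarded traffic that no conditional rule matches. The function names and the sample dump are constructed for illustration; the dump assumes the first ACCEPT in RH-Firewall-1-INPUT is limited to the loopback interface.

```shell
# Added example. Both functions read an iptables-save dump on stdin.
# has_masquerade WAN_IF: succeeds if the nat table masquerades traffic leaving WAN_IF.
has_masquerade() {
    awk -v wan="$1" '
        /^\*/ { table = substr($0, 2) }
        table == "nat" && $1 == "-A" && $2 == "POSTROUTING" && / -j MASQUERADE/ {
            for (i = 3; i < NF; i++) if ($i == "-o" && $(i + 1) == wan) found = 1
        }
        END { exit !found }'
}
# default_forward_verdict: prints "CHAIN TARGET" for the first condition-free
# terminal rule a forwarded packet reaches (one jump deep), else the chain policy.
default_forward_verdict() {
    awk '
        function decide(chain,    i, t, r) {
            for (i = 1; i <= count[chain]; i++) {
                if (!uncond[chain, i]) continue
                t = target[chain, i]
                if (t == "ACCEPT" || t == "DROP" || t == "REJECT") return chain " " t
                if (chain == "FORWARD" && (r = decide(t)) != "") return r
            }
            return ""
        }
        /^\*/ { table = substr($0, 2) }
        table == "filter" && $1 == ":FORWARD" { policy = $2 }
        table == "filter" && $1 == "-A" {
            n = ++count[$2]; target[$2, n] = $4
            uncond[$2, n] = ($3 == "-j" && (NF == 4 || $5 == "--reject-with"))
        }
        END { v = decide("FORWARD"); if (v == "") v = "policy " policy; print v }'
}
# Constructed, abridged dump modelled on the listing in the thread. Assumption:
# the first ACCEPT in RH-Firewall-1-INPUT is limited to the loopback interface.
sample_dump() { cat <<'EOF'
*nat
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:FORWARD ACCEPT [0:0]
-A FORWARD -j RH-Firewall-1-INPUT
-A FORWARD -j ACCEPT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}
sample_dump | has_masquerade eth0 && echo "nat: MASQUERADE on eth0"
echo "unmatched forwarded traffic ends at: $(sample_dump | default_forward_verdict)"
```

On a live gateway the same functions can be fed from iptables-save run as root; with the constructed dump, the ACCEPT placed after the jump in FORWARD is never reached.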