LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices



Reply
 
Search this Thread
Old 07-05-2006, 12:28 AM   #1
imagineers7
Member
 
Registered: Mar 2006
Distribution: BackTrack, RHEL, FC, CentOS, IPCop, Ubuntu, 64Studio, Elive, Dream Linux, Trix Box
Posts: 310

Rep: Reputation: 30
masqueraded and got internet connection, no remote access to gateway!


Hi everyone,

I tried reading some threads but did not found solution.
This is because of my lower understanding with iptables and
I wanted to share a connection in my home lan using iptables forwarding but some how packets do get forwarded ,I can use Internet connection on all my machines but I cant access the machine (gateway) remotely. I think I am directly forwording the packets destined to the machine itself and want a way to return them to the machine. RETURN has something to do with this and I cant figure it out. Can some body help me.

Quote:
[root@firebird fire]# for nameserver in `grep nameserver /etc/resolv.conf | gawk -F" " '{print $2}'`; do iptables -t nat -A PREROUTING -d 192.168.111 -j DNAT --to-destination $nameserver; echo -e " Name server defined at $nameserver"; done;
Name server defined at x.x.x.x
Name server defined at x.x.x.x
[root@firebird fire]# iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
Above are the commands that I fire up to get connected to the Internet but after that I just cant access the machine by any other means (SSH , webmin)

Where I am going wrong?


Thanks in advance


Aniruddha

Last edited by imagineers7; 11-12-2006 at 04:34 AM.
 
Old 07-06-2006, 05:10 AM   #2
blackhole54
Senior Member
 
Registered: Mar 2006
Posts: 1,896

Rep: Reputation: 61
If your LAN is connected to eth0, and eth1 is your Internet connection, your POSTROUTING command looks fine. (Use SNAT instead of MASQUERADE if you have a static Internet IP address.) This should not interfere with your LAN operation and you should not need any additional commands to make it work.

If you are having trouble (for example) ssh'ing into this machine from another box on your LAN, your problem is probably in your netfilter INPUT chain, or possibly OUTPUT chain. If you can't access this machine from the Internet, your problem could, again, be in the INPUT or OUTPUT chain. But if you have a router (or NAT device) between your gateway machine and the Internet, you will need to set it up for port forwarding before you can access your box from the Internet.
 
Old 07-07-2006, 12:28 AM   #3
imagineers7
Member
 
Registered: Mar 2006
Distribution: BackTrack, RHEL, FC, CentOS, IPCop, Ubuntu, 64Studio, Elive, Dream Linux, Trix Box
Posts: 310

Original Poster
Rep: Reputation: 30
Hi BlackHole54,

Thanks for your reply,

I will check it out with snat and post what happens next.



Thanks again



Aniruddha

Last edited by imagineers7; 11-12-2006 at 04:34 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Internet connection quota with Linux gateway swcng2001 Linux - Networking 2 05-26-2006 10:20 AM
restrict masqueraded users to access an IP, only one at a time Menestrel Linux - Networking 1 11-22-2005 01:46 PM
Combining 2/more ADSL/Internet connection into ONE gateway carboncopy Linux - Networking 1 01-29-2005 08:06 AM
Lost connection to internet after a while, but able to ssh to gateway Covel Linux - Networking 6 07-11-2004 05:38 PM
Network Configuration to allow internet connection through gateway computer Ultrakapy Linux - Networking 3 07-30-2003 05:06 PM


All times are GMT -5. The time now is 02:44 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration