Need help getting Win XP to see internet through Red Hat 9
Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Need help getting Win XP to see internet through Red Hat 9
I just got a new computer and after much swearing, it is now happily dual-booting Red Hat 9 and Windows XP Pro. This computer has 2 NICs - one for cable-modem access to the internet (eth1), and one for the internal LAN (eth0).
From my server, in Linux, I can access both the internet, and each of the internal computers on the LAN (e.g. using tsclient).
But NONE of the WinXP or Win2K computers on my network can see the internet! =(
My linux server has an internal (eth0) IP of 192.168.0.1, and one of my XP boxes has an IP of 192.168.0.42. I've set up the XP box with the following settings:
- IP Address = 192.168.0.42
- Subnet Mask = 255.255.255.0
- Default Gateway = 192.168.0.1
After spending many hours reading through many threads, I still don't know what I need to do to make this work. Is there a HowTo somewhere that I've missed? I'm sure there's some setting in the RH9 Network config I've missed, but I don't know what it is.
do a search on how to setup iptables... and enabling NAT ... I use arno's firewall script (modified iptables)... so I can't help you too much on the commands to allow eth0 connections to access the net via NAT.
I have done this at two sites - using the Linux machine as a NAT router/firewall to allow the clients to access the internet.
The following is a iptasbles init script to start with:
#!/bin/bash
#---------------------------------------------------------------
# Initialize all the chains by removing all the rules
# tied to them
#---------------------------------------------------------------
iptables --flush
iptables -t nat --flush
iptables -t mangle --flush
#---------------------------------------------------------------
# Now that the chains have been initialized, the user defined
# chains should be deleted. We'll recreate them in the next step
#---------------------------------------------------------------
iptables --delete-chain
iptables -t nat --delete-chain
iptables -t mangle --delete-chain
#---------------------------------------------------------------
# If a packet doesn't match one of the built in chains, then
# The policy should be to drop it
#---------------------------------------------------------------
#iptables --policy INPUT DROP
#iptables --policy OUTPUT DROP
#iptables --policy FORWARD DROP
#---------------------------------------------------------------
# The loopback interface should accept all traffic
# Necessary for X-Windows and other socket based services
#---------------------------------------------------------------
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
#---------------------------------------------------------------
# If the Linux firewall is the caching DNS server for the network
# then allow outbound DNS queries from the FW and the replies too
#---------------------------------------------------------------
iptables -A OUTPUT -p udp -o ppp0 --dport 53 --sport 1024:65535 -j ACCEPT
iptables -A INPUT -p udp -i ppp0 --sport 53 --dport 1024:65535 -j ACCEPT
#---------------------------------------------------------------
# Allow all bidirectional traffic from your firewall to the protected network
# - Interface eth0 is the private network interface
#---------------------------------------------------------------
iptables -A INPUT -j ACCEPT -p all -s 10.0.0.0/24 -i eth0
iptables -A OUTPUT -j ACCEPT -p all -d 10.0.0.0/24 -o eth0
#---------------------------------------------------------------
# Load the NAT module
#---------------------------------------------------------------
modprobe iptable_nat
#---------------------------------------------------------------
# Allow masquerading
# Enable routing by modifying the ip_forward /proc filesystem file
# - Interface ppp0 is the internet interface
# - Interface eth0 is the private network interface
#---------------------------------------------------------------
iptables -A POSTROUTING -t nat -o ppp0 -s 10.0.0.0/24 -d 0/0 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
#---------------------------------------------------------------
# Prior to masquerading, the packets are routed via the filter
# table's FORWARD chain.
# Allowed outbound: New, established and related connections
# Allowed inbound : Established and related connections
#---------------------------------------------------------------
iptables -A FORWARD -t filter -i eth0 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -t filter -i ppp0 -m state --state ESTABLISHED,RELATED -j ACCEPT
#---------------------------------------------------------------
# Log and drop all other packets to file /var/log/messages
# Without this we could be crawling around in the dark
#---------------------------------------------------------------
iptables -A OUTPUT -j LOG
iptables -A OUTPUT -j DROP
iptables -A FORWARD -j DROP
iptables -A INPUT -j LOG
iptables -A INPUT -j DROP
iptables -A FORWARD -j DROP
--
Additionally, you will 'probably' have to set the Windows machines to see the internal IP address of the Linux box as the gateway and maybe set the ISP's DNS servers on them also so they 'know' to pass through the gateway to do nslookups.
Hi JRago, that looks great - thanks. What do I do with this file now? What should I name it, and where should I save it?
I've been googling everywhere for info on enabling NAT in RH9 but I still haven't found a decent HowTo that explains what I need to know to get this set up. I just came across the Smoothwall web site. Do you know anything about that fw app?
Smooth wall is a Linux Based router- which in your case maybe the easiest way to fix your problem, I have a Linksys router that handles my internet. It also gives you some protection from the net- not total mind you but it's better than being naked out there.
From What I understand Smoothwall is very easy to setup and then you could put your boxes on DHCP and live happilly ever after.
Use a low end Pentium box to set it up.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.