LinuxQuestions.org

Morning_Star 02-10-2003 02:33 PM

Routing and nat
 
Hey!
I recently installed Mandrake 8.2 on a system w/ 2 network adapters. I have a network w/ two systems that was directly connected to a switch then into a cable modem to access the internet. I would like to make my network a private network with a subnet of 192.168.0.0, and use the Mandrake Linux box as a router to the internet.

I have already set up the environment to make this work, using one system to test the setup. Here is the configuration of the Linux system:

Network Adapter A - Internet
DHCP: Yes
IP: 24.234.x.x
Subnet: 255.255.255.0
Gateway: 24.234.x.1
DNS: Provided by DHCP

Network Adapter B - Private Network
Static: Yes
IP: 192.168.0.10
Subnet: 255.255.255.0


Very basic LAN configuration as you can see. I am able to ping both the internet gateway (24.234.x.1) and my test PC (192.168.0.3) from the Linux system. I am also able to ping both interfaces on the Linux system (192.168.0.10 and 24.234.x.x) from the test workstation. However, it will not route out and I am unable to ping the internet gateway (24.234.x.1) from the test workstation.

I have some experience with routing, but never done this with Linux. I understand you have to configure it but there is just so much information out there and no step-by-step guides on how to do it. If I do it once, I can always enhance upon it, but I have to start somewhere.

Please help me configure the NAT and routing on the Linux system for my machines on my private network to access the internet. I can still access http requests through my proxy but nothing else.

Morning_Star 02-10-2003 08:05 PM

c'mon
 
someone has to know something??? When I try to use the iptables firewall in webmin I get this...."Either the /proc filesystem does not exist or iptables is not supported by your kernel. Maybe you have to load the ip_tables module (insmod ip_tables)? Or do you have an 2.2.x or earlier kernel version?"

I have found the updated kernel I just don't know what to do with it.

When I plug my cable modem into my XP box I have outside connectivity other than just getting the http requests from my proxy server, so I know there is a configuration issue with my Linux box. Am I even on the right track with IPtables or should I try something else?

edit: actually the first post should read Mandrake 9.0...lol don't know how I messed that one up! :D

SlickWilly 02-11-2003 10:32 AM

You're on the right lines yes :)

I don't know about Mandrake specifically, but you *should* have iptables support built into the kernel by default.

You may *not* have iptables turned on. I know Redhat, out of the box, uses ipchains.

Iptables and ipchains don't live together nicely. If you have ipchains running and attempt to start iptables it'll complain that it can't insert a hook and 'your kernel doesn't support iptables'.

Which it does. But its kernel space has already been usurped by ipchains.

So, turn off ipchains.

chkconfig --del ipchains

then service iptables start

chkconfig --add iptables

You'll need to add various iptables rules. And there are *hundreds* of how-to's on how to do this. Look on freshmeat for 'jay iptables' and you'll get one of the more popular config programs.

I do it by hand, because um.. I'm anal like that, but your problem is that you're not routing packets from your internal to your external interface.

You need to do this :

echo 1 > /proc/sys/net/ipv4/ip_forward # Enable IP forwarding (needed for masquerading)

$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE

where
IPTABLES=/sbin/iptables
EXTIF="eth0"
INTIF="eth1"

change your external / internal interface numbers accordingly.

Slick.
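
Added example, not part of SlickWilly's post or of the rule sets linked in this thread: the two commands above enable forwarding and masquerading but leave the FORWARD chain at its default policy, so this sketch puts them inside a default-drop forwarding policy. The interface names, the LAN range and the function names are assumptions based on the layout described in the first post.

```shell
#!/bin/sh
# Added example: NAT gateway rules for the layout in this thread.
# Assumed values (change to match your box): eth0 = Internet side,
# eth1 = private side, LAN = 192.168.0.0/24.
# Prints the commands by default; run as root with APPLY=1 to execute them.

IPTABLES=${IPTABLES:-/sbin/iptables}
EXTIF=${EXTIF:-eth0}
INTIF=${INTIF:-eth1}
LAN=${LAN:-192.168.0.0/24}

# Refuse values that are not plain interface names or an IPv4 network,
# because the generated lines are later handed to a shell.
valid_name() { case "$1" in ""|*[!A-Za-z0-9._-]*) return 1 ;; esac; }
valid_net()  { case "$1" in ""|*[!0-9./]*) return 1 ;; esac; }

# gateway_rules EXTIF INTIF LAN: print the rule set, one command per line.
# Order matters: the FORWARD chain is locked down first and forwarding is
# switched on last, so the box never forwards with an open policy.
#   1. default-drop forwarded traffic and clear old FORWARD rules
#   2. allow new connections only from the LAN out to the Internet
#   3. allow only reply traffic back in
#   4. masquerade LAN addresses behind the external interface
#   5. enable IP forwarding in the kernel
gateway_rules() {
    valid_name "$1" && valid_name "$2" && valid_net "$3" || return 1
    [ "$1" != "$2" ] || return 1
    cat <<EOF
$IPTABLES -P FORWARD DROP
$IPTABLES -F FORWARD
$IPTABLES -A FORWARD -i $2 -o $1 -s $3 -j ACCEPT
$IPTABLES -A FORWARD -i $1 -o $2 -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -t nat -A POSTROUTING -o $1 -s $3 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
EOF
}

rules=$(gateway_rules "$EXTIF" "$INTIF" "$LAN") || {
    echo "invalid interface or network" >&2
    exit 1
}
if [ "${APPLY:-0}" = 1 ]; then
    printf '%s\n' "$rules" | sh -e   # stop at the first failing command
else
    printf '%s\n' "$rules"
fi
```

The rules cover forwarded traffic only; traffic addressed to the gateway itself is governed by the INPUT chain, which this sketch does not touch.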

cojo 02-11-2003 11:06 AM

slickwilly, is it possible I could get a copy of your iptables rule set? I searched and searched on the net, still not sure exactly what I need to put in to the file.....

SlickWilly 02-11-2003 11:25 AM

Um.. you don't want mine..

I've got some messed up stuff in mine which while it works doesn't look pretty..

Here's one I found that seems to be okay.

http://orbital.wiretapped.net/~technion/iptables

And here's a site which has a ton of resources on it worth visiting / reading...

http://www.linuxguruz.org/iptables/

:)

Slick.

cojo 02-11-2003 11:31 AM

thanks slick....


All times are GMT -5.