Setup masquerade to Windows

Akshaylive · 05-27-2010, 12:22 AM

I'm new to linux. I use Fedora 13 and am having trouble masquerading net to a windows machine. My system has 2 ethernet ports, eth1 and eth0. eth1 is connected to the modem provided by my ISP and am able to access the internet using eth1. My eth0 is connected to Windows 7 system. Earlier i used Windows Vista to provide internet sharing and it worked fine. I would like a step-by-step solution to set up the same using fedora core. Also I am unable to access net when my modem is connected to eth1 and cannot even access the modem configuration page (ie 192.168.1.1). Also help me set up the ip,dns,subnet mask and default gateway for my eth0 and also on the windows machine.. Thanks a lot in advance

business_kid · 05-27-2010, 09:59 AM

It's hardly masquerading,let's call it extending. The line that is suggested on each reboot (in rc.local or the like) is
echo 1 > /proc/sys/net/ipv4/ip_forward

Than set the ip of the linux box as proxy in the windows box. If you haven't got IPs set up, pick some and set them, e.g.
linux 192.168.1.1
windows 192.168.1.5

See if you can ping each box, the modem (from windows) and the internet from windows. There is/was a command prompt in the accessories menu on m$windows

catkin · 05-27-2010, 11:11 AM

Quote:

Originally Posted by Akshaylive

Also help me set up the ip,dns,subnet mask and default gateway ... on the windows machine.

Wrong forum and anyway there must be n-zillion pages on the Internet about how to do that as listed here (I was exaggerating -- there are only 2.6 million pages).

Akshaylive · 05-27-2010, 08:39 PM

Quote:

Originally Posted by catkin

Wrong forum and anyway there must be n-zillion pages on the Internet about how to do that as listed here (I was exaggerating -- there are only 2.6 million pages).

I know how to configure it. I just want to know the values that they need to take.. I'm new to networking and linux.. I know, bad combo..

Akshaylive · 05-27-2010, 08:45 PM

Quote:

Originally Posted by business_kid

It's hardly masquerading,let's call it extending. The line that is suggested on each reboot (in rc.local or the like) is
echo 1 > /proc/sys/net/ipv4/ip_forward

Than set the ip of the linux box as proxy in the windows box. If you haven't got IPs set up, pick some and set them, e.g.
linux 192.168.1.1
windows 192.168.1.5

See if you can ping each box, the modem (from windows) and the internet from windows. There is/was a command prompt in the accessories menu on m$windows

Thanks a lot for the reply. So, you're saying I should set a static IP , say 192.168.1.3 on my eth0? and 192.168.1.5 in Win and setup the proxy as 192.168.1.3 in windows box?

business_kid · 05-28-2010, 03:02 AM

If you are trying to do this without any servers, yes. Another way would be to use dhcpd on the linux box, and that would assign the windows box an ip. But fixed ips and ip forwarding might just give you what you are looking for.

SuperJediWombat! · 05-28-2010, 06:54 AM

Quote:

Originally Posted by business_kid

It's hardly masquerading,let's call it extending. The line that is suggested on each reboot (in rc.local or the like) is
echo 1 > /proc/sys/net/ipv4/ip_forward

Than set the ip of the linux box as proxy in the windows box. If you haven't got IPs set up, pick some and set them, e.g.
linux 192.168.1.1
windows 192.168.1.5

See if you can ping each box, the modem (from windows) and the internet from windows. There is/was a command prompt in the accessories menu on m$windows

How is this supposed to work, without the linux server setup as a proxy?

Can you please run these commands from your linux server and post the output to us?

Code:

ifconfig
ip route
iptables-save
cat /proc/sys/net/ipv4/ip_forward

Then run this from the windows box and post the output here:

Code:

ipconfig /all

Akshaylive · 05-28-2010, 09:46 AM

Quote:

Originally Posted by SuperJediWombat!

How is this supposed to work, without the linux server setup as a proxy?

Can you please run these commands from your linux server and post the output to us?

Code:

ifconfig
ip route
iptables-save
cat /proc/sys/net/ipv4/ip_forward

Then run this from the windows box and post the output here:

Code:

ipconfig /all

I'm on linux right now.. let me post the outputs
1. ifconfig
eth0 Link encap:Ethernet HWaddr 40:61:86:60:72:99
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Interrupt:30 Base address:0x6000

eth1 Link encap:Ethernet HWaddr 40:61:86:60:72:98
inet addr:192.168.1.2 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::4261:86ff:fe60:7298/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1035 errors:0 dropped:0 overruns:0 frame:0
TX packets:1100 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:735562 (718.3 KiB) TX bytes:218212 (213.0 KiB)
Interrupt:31 Base address:0xe000

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:480 (480.0 b) TX bytes:480 (480.0 b)

2.ip route
192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.2 metric 1
default via 192.168.1.1 dev eth1 proto static

3.cat /proc/sys/net/ipv4/ip_forward
1

Will login with windows and post op of 'ip config /all'

Thanks a lot

Akshaylive · 05-28-2010, 11:30 AM

Thanks for all the replies. Maybe this would help.

I used internet sharing using my other OS,Vista ( Win Vista - running on the linux machine I want to share internet from ) on my system. I could share my connection to the windows box running windows 7 and worked flawlessly..

Here is MY (Win Vista) ipconfig /all

ipconfig /all

Windows IP Configuration
Host Name . . . . . . . . . . . . : Akshay-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Mixed
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 2:
/*THIS IS MY NET CONNECTON*/
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8168D/8111D Family PCI-E GBE N
IC #2
Physical Address. . . . . . . . . : 40-61-86-60-72-98
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::1060:f85a:d40d:416%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, May 28, 2010 9:45:54 PM
Lease Expires . . . . . . . . . . : Saturday, May 29, 2010 9:45:54 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:
/*THIS IS MY CONNECTON TO CONNECT TO WINDOWS MACHINE*/
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8168D/8111D Family PCI-E GBE NIC
Physical Address. . . . . . . . . : 40-61-86-60-72-99
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::1448:7523:75cf:d495%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 255877510
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-FC-00-32-40-61-86-60-72-99
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%2
fec0:0:0:ffff::2%2
fec0:0:0:ffff::3%2
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection*:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{C957B72A-E8B4-4836-9FF3-94B9A6475AC0}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{459BE294-4D1E-40C1-928E-EACA2B210030}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 3:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 20:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{90422624-A3FB-4B66-AA4D-0FB542320C18}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

I want to do the same on linux.. Please help

SuperJediWombat! · 05-28-2010, 11:53 AM

You need to setup eth0 to have a static ip address like 10.1.1.1 and the windows box to have 10.1.1.2.
Set the windows box up so that the ip of the linux box is the default gateway and the subnet/netmask is the same on linux and windows.
Set the DNS server on windows to 192.168.1.1
Disable the interface on the windows box which is currently configured for the internet (because the gateway will clash)
enable masquerading on the linux box

For number 6, you will need to run this command from the linux box...

Code:

iptables -t nat POSTROUTING -o eth1 -j MASQUERADE

The rest of it you need to google for.

Akshaylive · 05-29-2010, 12:13 AM

@ SuperJediWombat! Thanks a lot.. However with those settings I am unable to even ping windows and vice versa.. Also what should the gateway and DNS of my eth0 be?

Also,
iptables -t nat POSTROUTING -o eth1 -j MASQUERADE produces an error..
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE produces none.

In win, it says cable not plugged in, and in linux, network status of eth0 says 'inactive'.. the physical connections are perfect as I can set up internet sharing from windows to windows.. What am I doing wrong?

Akshaylive · 05-29-2010, 12:17 AM

Another thing. In linux, the GUI network administration has a a thing called "static network routes" having 3 fields - destination network, prefix(net mask) and gateway.. Should it be left untouched?

business_kid · 05-29-2010, 02:55 AM

Quote:

Originally Posted by SuperJediWombat!

How is this supposed to work, without the linux server setup as a proxy?
[/code]

It should forward ipv4 to the internet, which is what the OP was trying to do.

SuperJediWombat! · 05-30-2010, 03:23 AM

Quote:

Originally Posted by business_kid

It should forward ipv4 to the internet, which is what the OP was trying to do.

For that to work you would have had to set up the second network on a different subnet to the first, and also setup a static route from his router telling it about the new network.

zeroberto · 07-11-2010, 12:14 PM

I have a similar problem.
My computer has 2 LAN cards. Eth1 is connected to my cable modem and eth0 to media player. I want to forward Internet to my player, but I have trouble with it. Here are my settings:

rc.inet1.conf

Code:

# Config information for eth0:
IPADDR[0]="192.168.137.1"
NETMASK[0]="255.255.255.0"
USE_DHCP[0]="no"
DHCP_HOSTNAME[0]=""

# Config information for eth1:
IPADDR[1]=""
NETMASK[1]=""
USE_DHCP[1]="yes"
DHCP_HOSTNAME[1]=""

Player settings:
IP address 192.168.137.2
Subnet mask 255.255.255.0
Gateway 192.168.137.1
DNS 192.168.137.1 (tried also 8.8.8.8, 8.8.8.4, 10.0.0.2)

This config works in Windows 7, but not in linux.
IP address test passes on the player but DNS server test fail.
Samba share works well.

Code:

# ifconfig -a  
eth0      Link encap:Ethernet  HWaddr 00:26:5a:c0:4f:b6  
          inet addr:192.168.137.1  Bcast:192.168.137.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1175083 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2119598 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:83418632 (79.5 MiB)  TX bytes:3185835861 (2.9 GiB)
          Interrupt:18 Base address:0xc800 

eth1      Link encap:Ethernet  HWaddr 00:19:db:d1:6c:b3  
          inet addr:188.2.188.31  Bcast:188.2.191.255  Mask:255.255.252.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:222175 errors:0 dropped:0 overruns:0 frame:0
          TX packets:156817 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:250202050 (238.6 MiB)  TX bytes:22813323 (21.7 MiB)
          Interrupt:29 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:71398 errors:0 dropped:0 overruns:0 frame:0
          TX packets:71398 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:9850007 (9.3 MiB)  TX bytes:9850007 (9.3 MiB)

Code:

# ping -c 5 192.168.137.2
PING 192.168.137.2 (192.168.137.2) 56(84) bytes of data.
64 bytes from 192.168.137.2: icmp_req=1 ttl=64 time=0.161 ms
64 bytes from 192.168.137.2: icmp_req=2 ttl=64 time=0.163 ms
64 bytes from 192.168.137.2: icmp_req=3 ttl=64 time=0.162 ms
64 bytes from 192.168.137.2: icmp_req=4 ttl=64 time=0.163 ms
64 bytes from 192.168.137.2: icmp_req=5 ttl=64 time=0.165 ms

--- 192.168.137.2 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4000ms
rtt min/avg/max/mdev = 0.161/0.162/0.165/0.016 ms

Code:

# route -n   
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.137.0   0.0.0.0         255.255.255.0   U     0      0        0 eth0
188.2.188.0     0.0.0.0         255.255.252.0   U     202    0        0 eth1
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         188.2.188.1     0.0.0.0         UG    202    0        0 eth1

Code:

# ip route
192.168.137.0/24 dev eth0  proto kernel  scope link  src 192.168.137.1 
188.2.188.0/22 dev eth1  proto kernel  scope link  src 188.2.188.31  metric 202 
127.0.0.0/8 dev lo  scope link

Code:

# cat /proc/sys/net/ipv4/ip_forward
1

After that I tried

Code:

# iptables -F
# iptables --table nat --append POSTROUTING --out-interface eth1 -j MASQUERADE
# iptables --append FORWARD --in-interface eth0 -j ACCEPT

then I got this

Code:

# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

but DNS check still fails on the player.

Any suggestion?