LinuxQuestions.org - shared internet woes

- Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)

- - shared internet woes - cant ping (https://www.linuxquestions.org/questions/linux-networking-3/shared-internet-woes-cant-ping-205300/)

shared internet woes - cant ping

Hi guys,

Ive recently installed RH 7.3 one one of our two home computers. Much to the dismay of my parnter i havent been able to get shared internet working. I dont know much about linux and am getting a little confused with the vast config files etc.

If i tell you what i want can you help? For now i just want to be able to share the servers net connection with the client. The whole domainname and config in linux is getting me a bit sidetracked too. I dont really care what it is as long as they are connected to a workgroup Mythical.

Where im at right now is, the server can use the internet fine with ppp0, and can ping the client by name and ip.

The client cant access the internet, can ping the server by ip, but cant ping it by name.

Server:
Running Redhat 7.3
Uses: Ethernet card (eth0) for network and modem (ppp0) for dialup internet
Name: Xeres
Internal IP: 192.168.0.1
Netmask: 255.255.255.0

Client:
Running Win98
Uses: Ethernet card for network
Name: Jasper
Workgroup: Mythical
Internal IP: 192.168.0.2
Netmask: 255.255.255.0

Im sure there'll be more you need me to tell you. If we assume no other settings have been made, (the ones i made have probably been wrong) can you point me along from here?

Hope you can help before the mrs screws my neck! :(

lee

Still having trouble with this :(

I thought windows checked c:\windows\hosts before anything else?

I have '192.168.0.1 xeres' in that file, but it cant locate the host by name, though it can ping it by ip. Where am i going wrong?

Hmm, just noticed that pinging the IP times out 2 of 5 times or so.

For win98 share the network, you need to configure samba in the RH. If you have it already installed, look for the configuration file "smb.conf" in the directory "/etc" or "/etc/samba". As root, use your preferred text editor to open this file and change the line which contains:
workgroup = xxx
where xxx is any default workgroup. Change it to your "Mythical", save the file and restart samba with the command:
service smb restart.
After a while, you will see your server in the "Network" ot the windows.

yes i'll want samba at some point, but for now i just want to get tcp/ip functioning working right, and internet sharing. As far as i can tell samba is just for file systems/printers and isnt involved in sharing internet connections.

Or am i wrong?

Well, I played around for a while. I moved '192.168.0.1 xeres' from c:\windows\hosts to c:\windows\lmhosts on the client

I installed samba on the server and set to auto-load at boot.

I disabled dns on the client and added the server ip into wins.

Now i can ping either way by name or internal IP. So i now need to get shared internet.

If the iptables are flushed with 'iptables -F', or even stopped altogether, does this mean it will allow everything? Or does forwarding have to be explicitly stated in the config?

from the client i still cant ping anything outside the network.

for instance, 'ping www.yahoo.com'
Pinging www.yahoo.com [66.94.230.33] with 32 bytes of data:
Request timed out.
Request timed out.
etc..

/proc/sys/net/ipv4/ip_forward contains 1
It looks like the name is being resolved ok? but nothings coming back. Cant ping with the IP address either,

Ideas?

in addition of the ip_forward, you need to add 2 important rules

Code:

iptables -A FORWARD -j ACCEPT 

and

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Hi, thanks for the help. Sadly the problem is still there.

From a term i started iptables, and added those rules from the command line.

The client still gets 'Request timed out' on pings though :( Trying to load a webpage brings up the dnserror page.

Something else im missing?

1. make linux machine gateway of win98 box.
2.give ur win98 box a dns server ip address. (e.g ur internet service provider's dns server)
3.enable ip forwarding on linux box.
echo "1" > /proc/sys/net/ipv4/ip_forward
4.
iptables -F
iptales -t mangle -F
iptables -t nat -F
iptables -t nat -A POSTROUTING -o interface -j MASQUERADE

replace interface with ur interface name connected to internet i.e
ppp0 or ethx.

now check through 'iptables -t nat -vnL'
that packets are masqueraded or not.
and samba isnt needed.

woohoo newpenguin! that works!

I dont understand most of what you told me yet, but it works for now, heh.
Now i need to secure it up.

Where would i add these scripts so they are used at bootup?

Hi Kola,

As you use ppp to connect to the world, you have to put this rules when the connection starts up. The right place to do it is "/etc/ppp/ip-up.local". However this are the minimum rules needed to share the internet with a local network. I suggest you visit www.netfilter.org and www.malibyte.net/iptables/scripts/fwscripts.html

hi every one.

i have a litle problem sharing my internet conexion too.

can some one tell me what i need to do to share my internet conection.

i have 2 computers, the one that have the internet have Red Hat 9, and she have 2 network cards eth0 and eth1 on eth0 i'm receiving the internet, and the eth1 conects to the second computer.

the second computer have win XP and RH9.

so the idea is to have the first computer sahring the internet. i read the post but i don't get what i have to do.

what is the iptables?

the conection betewn the two computers work fine but i can't acces to the internet with the second computer.

thanks!!!!

Hi davidrios,
iptables is the architectural concept on which we construct firewalls into linux since version 2.4. In 2.2 there was a different named ipchains and in 2.0 there was the ipfwadm. All of this is based in the flow of the messages into the system. Down to earth it is the set of tools we use to construct the firewall. The idea is the following: your computer talks to www across eth0 and talks to your home network across eth1. Both this devices are from your RH9 computer for its own communication. You need to train it to share the connection across eth0 to the participants connected on eth1. For example, if anybody on xp wants to open a session on RH9 or write a file to RH9 it can do it naturally using the proper protocol. However if you want to ping www.google.com on xp and xp knows the RH9 is the gateway, xp sends an icmp packet destined to google to RH9. However, RH9 doesn't know what to do with this packet. The way you have to say to RH9 assist xp in this task is using a iptables rule, like "whenever you receive a packet from xp to an address you don't have, give it to www". You need also say to RH9 "whenever you receive a package from www destined to xp or other member of my home network, send this package to eth1". This is a rough idea of the mode as we share any connection from one computer to a whole network. The messages must flow from one device to another until they reach their destination. The second function need by this sharing is the masquerading. You signed your service provider for one account. So it gives you one address for your use. How can you use 2 or 10 or 100 computers sharing this address? Simply by masquerading this address. Every time any computer tries to access the www, your server gets its messages, annotates who wants to access, replace the sender address of the message with the address provided by your ISP and sends this message as its own. When it gets the answer, it verifies who asked and restore the address to send to the proper client machine.
Certainly your RH9 has a graphical setup for "Internet connection sharing" which will permit you to configure it without worrying with this technical details. If you want to learn more about this subject, the right place is www.netfilter.org. They are the authors and maintainers of the software. There is plenty of concepts, howtos, tutorials and many links to firewall scripts.

Have fun!

Thanks!!!

great lesson!!!

i will check the site, to share the internet.

Thanks again!!!

hi again

well from the last post i have made some progress. :)

but i still have one problem

i was hable to share the internet connection, from the first RH9 computer to the second RH9 computer. but only if i give to the second computer, the IP address.

in other words, i can make a ping xxx.xxx.xxx.xxx if x are numbers, if i replace the numbers by the name of the internet page (ping www.yahoo.com) it doesn't work.

what can i do?

i used this lines to make it work.

on the RH9 server

echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -j MASQUERADE -o ppp0

on the RH9 client

echo nameserver xxx.xxx.xxx.xxx > /etc/resolv.conf (xxx are the IP of my internet DNS provider)
route add default gw yyy.yyy.yyy.yyy (yyy are my IP of the LAN server)

thanks again

Hi davidrios,

For sure you have dns resolver problem. Try

Code:

host www.yahoo.com

and/or

Code:

dig www.yahoo.com

These tools asks for resolve the dns name to address. If you have any message line "file not found", look for your distribution to install at least one of it. The result of the first tool will be

Code:

YOURHOST:~# host www.yahoo.com

www.yahoo.com is an alias for www.yahoo.akadns.net.

www.yahoo.akadns.net has address 216.109.118.73

www.yahoo.akadns.net has address 216.109.118.77

www.yahoo.akadns.net has address 216.109.118.79

www.yahoo.akadns.net has address 216.109.117.106

www.yahoo.akadns.net has address 216.109.117.109

www.yahoo.akadns.net has address 216.109.117.110

www.yahoo.akadns.net has address 216.109.117.204

www.yahoo.akadns.net has address 216.109.117.207