LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 07-15-2004, 05:21 AM   #1
kola
Member
 
Registered: Jul 2004
Location: Christchurch, New Zealand
Distribution: FC2, Debian 'Sarge'
Posts: 64

Rep: Reputation: 15
shared internet woes - cant ping


Hi guys,

Ive recently installed RH 7.3 one one of our two home computers. Much to the dismay of my parnter i havent been able to get shared internet working. I dont know much about linux and am getting a little confused with the vast config files etc.

If i tell you what i want can you help? For now i just want to be able to share the servers net connection with the client. The whole domainname and config in linux is getting me a bit sidetracked too. I dont really care what it is as long as they are connected to a workgroup Mythical.

Where im at right now is, the server can use the internet fine with ppp0, and can ping the client by name and ip.

The client cant access the internet, can ping the server by ip, but cant ping it by name.

Server:
Running Redhat 7.3
Uses: Ethernet card (eth0) for network and modem (ppp0) for dialup internet
Name: Xeres
Internal IP: 192.168.0.1
Netmask: 255.255.255.0

Client:
Running Win98
Uses: Ethernet card for network
Name: Jasper
Workgroup: Mythical
Internal IP: 192.168.0.2
Netmask: 255.255.255.0

Im sure there'll be more you need me to tell you. If we assume no other settings have been made, (the ones i made have probably been wrong) can you point me along from here?

Hope you can help before the mrs screws my neck!

lee
 
Old 07-15-2004, 06:57 PM   #2
kola
Member
 
Registered: Jul 2004
Location: Christchurch, New Zealand
Distribution: FC2, Debian 'Sarge'
Posts: 64

Original Poster
Rep: Reputation: 15
Still having trouble with this

I thought windows checked c:\windows\hosts before anything else?

I have '192.168.0.1 xeres' in that file, but it cant locate the host by name, though it can ping it by ip. Where am i going wrong?

Hmm, just noticed that pinging the IP times out 2 of 5 times or so.
 
Old 07-15-2004, 07:41 PM   #3
osvaldomarques
Member
 
Registered: Jul 2004
Location: Rio de Janeiro - Brazil
Distribution: Conectiva 10 - Conectiva 8 - Slackware 9 - starting with LFS
Posts: 519

Rep: Reputation: 34
For win98 share the network, you need to configure samba in the RH. If you have it already installed, look for the configuration file "smb.conf" in the directory "/etc" or "/etc/samba". As root, use your preferred text editor to open this file and change the line which contains:
workgroup = xxx
where xxx is any default workgroup. Change it to your "Mythical", save the file and restart samba with the command:
service smb restart.
After a while, you will see your server in the "Network" ot the windows.
 
Old 07-15-2004, 07:49 PM   #4
kola
Member
 
Registered: Jul 2004
Location: Christchurch, New Zealand
Distribution: FC2, Debian 'Sarge'
Posts: 64

Original Poster
Rep: Reputation: 15
yes i'll want samba at some point, but for now i just want to get tcp/ip functioning working right, and internet sharing. As far as i can tell samba is just for file systems/printers and isnt involved in sharing internet connections.

Or am i wrong?
 
Old 07-16-2004, 04:18 AM   #5
kola
Member
 
Registered: Jul 2004
Location: Christchurch, New Zealand
Distribution: FC2, Debian 'Sarge'
Posts: 64

Original Poster
Rep: Reputation: 15
Well, I played around for a while. I moved '192.168.0.1 xeres' from c:\windows\hosts to c:\windows\lmhosts on the client

I installed samba on the server and set to auto-load at boot.

I disabled dns on the client and added the server ip into wins.

Now i can ping either way by name or internal IP. So i now need to get shared internet.

If the iptables are flushed with 'iptables -F', or even stopped altogether, does this mean it will allow everything? Or does forwarding have to be explicitly stated in the config?

from the client i still cant ping anything outside the network.

for instance, 'ping www.yahoo.com'
Pinging www.yahoo.com [66.94.230.33] with 32 bytes of data:
Request timed out.
Request timed out.
etc..

/proc/sys/net/ipv4/ip_forward contains 1
It looks like the name is being resolved ok? but nothings coming back. Cant ping with the IP address either,

Ideas?

Last edited by kola; 07-16-2004 at 04:19 AM.
 
Old 07-16-2004, 06:05 AM   #6
ppuru
Senior Member
 
Registered: Mar 2003
Location: Beautiful BC
Distribution: RedHat & clones, Slackware, SuSE, OpenBSD
Posts: 1,791

Rep: Reputation: 50
in addition of the ip_forward, you need to add 2 important rules
Code:
iptables -A FORWARD -j ACCEPT 
and
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
 
Old 07-16-2004, 06:39 AM   #7
kola
Member
 
Registered: Jul 2004
Location: Christchurch, New Zealand
Distribution: FC2, Debian 'Sarge'
Posts: 64

Original Poster
Rep: Reputation: 15
Hi, thanks for the help. Sadly the problem is still there.

From a term i started iptables, and added those rules from the command line.

The client still gets 'Request timed out' on pings though Trying to load a webpage brings up the dnserror page.

Something else im missing?
 
Old 07-16-2004, 07:10 AM   #8
newpenguin
Member
 
Registered: Sep 2002
Location: lahore pakistan
Distribution: slackware,redhat, FreeBSD,openbsd
Posts: 219

Rep: Reputation: 30
1. make linux machine gateway of win98 box.
2.give ur win98 box a dns server ip address. (e.g ur internet service provider's dns server)
3.enable ip forwarding on linux box.
echo "1" > /proc/sys/net/ipv4/ip_forward
4.
iptables -F
iptales -t mangle -F
iptables -t nat -F
iptables -t nat -A POSTROUTING -o interface -j MASQUERADE

replace interface with ur interface name connected to internet i.e
ppp0 or ethx.

now check through 'iptables -t nat -vnL'
that packets are masqueraded or not.
and samba isnt needed.
 
Old 07-16-2004, 07:42 AM   #9
kola
Member
 
Registered: Jul 2004
Location: Christchurch, New Zealand
Distribution: FC2, Debian 'Sarge'
Posts: 64

Original Poster
Rep: Reputation: 15
woohoo newpenguin! that works!

I dont understand most of what you told me yet, but it works for now, heh.
Now i need to secure it up.

Where would i add these scripts so they are used at bootup?
 
Old 07-17-2004, 02:46 PM   #10
osvaldomarques
Member
 
Registered: Jul 2004
Location: Rio de Janeiro - Brazil
Distribution: Conectiva 10 - Conectiva 8 - Slackware 9 - starting with LFS
Posts: 519

Rep: Reputation: 34
Hi Kola,

As you use ppp to connect to the world, you have to put this rules when the connection starts up. The right place to do it is "/etc/ppp/ip-up.local". However this are the minimum rules needed to share the internet with a local network. I suggest you visit www.netfilter.org and www.malibyte.net/iptables/scripts/fwscripts.html
 
Old 07-20-2004, 06:48 PM   #11
davidrios
LQ Newbie
 
Registered: Mar 2004
Location: grenoble, france
Posts: 12

Rep: Reputation: 0
hi every one.

i have a litle problem sharing my internet conexion too.

can some one tell me what i need to do to share my internet conection.

i have 2 computers, the one that have the internet have Red Hat 9, and she have 2 network cards eth0 and eth1 on eth0 i'm receiving the internet, and the eth1 conects to the second computer.

the second computer have win XP and RH9.

so the idea is to have the first computer sahring the internet. i read the post but i don't get what i have to do.

what is the iptables?

the conection betewn the two computers work fine but i can't acces to the internet with the second computer.


thanks!!!!
 
Old 07-20-2004, 08:37 PM   #12
osvaldomarques
Member
 
Registered: Jul 2004
Location: Rio de Janeiro - Brazil
Distribution: Conectiva 10 - Conectiva 8 - Slackware 9 - starting with LFS
Posts: 519

Rep: Reputation: 34
Hi davidrios,
iptables is the architectural concept on which we construct firewalls into linux since version 2.4. In 2.2 there was a different named ipchains and in 2.0 there was the ipfwadm. All of this is based in the flow of the messages into the system. Down to earth it is the set of tools we use to construct the firewall. The idea is the following: your computer talks to www across eth0 and talks to your home network across eth1. Both this devices are from your RH9 computer for its own communication. You need to train it to share the connection across eth0 to the participants connected on eth1. For example, if anybody on xp wants to open a session on RH9 or write a file to RH9 it can do it naturally using the proper protocol. However if you want to ping www.google.com on xp and xp knows the RH9 is the gateway, xp sends an icmp packet destined to google to RH9. However, RH9 doesn't know what to do with this packet. The way you have to say to RH9 assist xp in this task is using a iptables rule, like "whenever you receive a packet from xp to an address you don't have, give it to www". You need also say to RH9 "whenever you receive a package from www destined to xp or other member of my home network, send this package to eth1". This is a rough idea of the mode as we share any connection from one computer to a whole network. The messages must flow from one device to another until they reach their destination. The second function need by this sharing is the masquerading. You signed your service provider for one account. So it gives you one address for your use. How can you use 2 or 10 or 100 computers sharing this address? Simply by masquerading this address. Every time any computer tries to access the www, your server gets its messages, annotates who wants to access, replace the sender address of the message with the address provided by your ISP and sends this message as its own. When it gets the answer, it verifies who asked and restore the address to send to the proper client machine.
Certainly your RH9 has a graphical setup for "Internet connection sharing" which will permit you to configure it without worrying with this technical details. If you want to learn more about this subject, the right place is www.netfilter.org. They are the authors and maintainers of the software. There is plenty of concepts, howtos, tutorials and many links to firewall scripts.

Have fun!
 
Old 07-21-2004, 10:46 AM   #13
davidrios
LQ Newbie
 
Registered: Mar 2004
Location: grenoble, france
Posts: 12

Rep: Reputation: 0
Thanks!!!

great lesson!!!

i will check the site, to share the internet.


Thanks again!!!
 
Old 07-22-2004, 07:12 PM   #14
davidrios
LQ Newbie
 
Registered: Mar 2004
Location: grenoble, france
Posts: 12

Rep: Reputation: 0
hi again

well from the last post i have made some progress.

but i still have one problem

i was hable to share the internet connection, from the first RH9 computer to the second RH9 computer. but only if i give to the second computer, the IP address.

in other words, i can make a ping xxx.xxx.xxx.xxx if x are numbers, if i replace the numbers by the name of the internet page (ping www.yahoo.com) it doesn't work.

what can i do?

i used this lines to make it work.

on the RH9 server

echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -j MASQUERADE -o ppp0

on the RH9 client

echo nameserver xxx.xxx.xxx.xxx > /etc/resolv.conf (xxx are the IP of my internet DNS provider)
route add default gw yyy.yyy.yyy.yyy (yyy are my IP of the LAN server)

thanks again
 
Old 07-22-2004, 07:39 PM   #15
osvaldomarques
Member
 
Registered: Jul 2004
Location: Rio de Janeiro - Brazil
Distribution: Conectiva 10 - Conectiva 8 - Slackware 9 - starting with LFS
Posts: 519

Rep: Reputation: 34
Hi davidrios,

For sure you have dns resolver problem. Try
Code:
host www.yahoo.com
and/or
Code:
dig www.yahoo.com
These tools asks for resolve the dns name to address. If you have any message line "file not found", look for your distribution to install at least one of it. The result of the first tool will be
Code:
YOURHOST:~# host www.yahoo.com
www.yahoo.com is an alias for www.yahoo.akadns.net.
www.yahoo.akadns.net has address 216.109.118.73
www.yahoo.akadns.net has address 216.109.118.77
www.yahoo.akadns.net has address 216.109.118.79
www.yahoo.akadns.net has address 216.109.117.106
www.yahoo.akadns.net has address 216.109.117.109
www.yahoo.akadns.net has address 216.109.117.110
www.yahoo.akadns.net has address 216.109.117.204
www.yahoo.akadns.net has address 216.109.117.207
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
FC4 won't ping 127.0.0.1 or the internet, but will ping local computers jalsk Linux - Networking 4 11-22-2005 05:59 PM
iptables. Can ping through to internet side nic but can't get to internet gonus Linux - Networking 19 07-15-2004 01:27 PM
Can ping network but can't ping any internet ip when I hard set the ip Streme Linux - Wireless Networking 4 04-13-2004 09:18 AM
lights but no ping, networking card woes bigcmos Linux - Networking 6 08-04-2003 07:20 PM
Shared internet via XP Cubix Linux - Networking 4 07-17-2003 10:14 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 08:59 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration