LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 07-30-2005, 01:51 PM   #1
Pur 2103
LQ Newbie
 
Registered: Sep 2003
Location: Johannesburg
Distribution: Fedora Core 6
Posts: 7

Rep: Reputation: 0
iptables set up


I would like to connect with my laptop (Windows XP) to the internet via my Linux PC (Fedora Core 4) I used the description at LinuxQuestions.org > LinuxAnswers > Linux Router (unfortunately I was not allowed to post the url . When I now ping on the laptop yahoo.com I can see that it resolves the IP address but the respones times out. Same on Internet Explorer, I type in the web address, it resolves the ip address but get a cannot find server. What am I doing wrong?
 
Old 07-31-2005, 05:34 PM   #2
Mara
Moderator
 
Registered: Feb 2002
Location: Grenoble
Distribution: Debian
Posts: 9,568

Rep: Reputation: 164Reputation: 164
Please show what you have in your routing table. Post result of the command 'route'.
 
Old 08-06-2005, 06:56 AM   #3
Pur 2103
LQ Newbie
 
Registered: Sep 2003
Location: Johannesburg
Distribution: Fedora Core 6
Posts: 7

Original Poster
Rep: Reputation: 0
here is the content of my /etc/sysconfig/iptables:

# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
filter
INPUT ACCEPT [0:0]
FORWARD ACCEPT [0:0]
OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -i eth0 -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT


and here the result of /sbin/route:

[root@THOMAS sysconfig]# /sbin/route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
196.26.208.0 * 255.255.255.0 U 0 0 0 ippp0
default cas15-rba.dial- 0.0.0.0 UG 0 0 0 ippp0


thanks
 
Old 08-06-2005, 02:12 PM   #4
Pur 2103
LQ Newbie
 
Registered: Sep 2003
Location: Johannesburg
Distribution: Fedora Core 6
Posts: 7

Original Poster
Rep: Reputation: 0
Problem solved, found a very nice site http://www.yolinux.com/TUTORIALS/Lin...rkGateway.html and now my iptables looks like this

# Generated by iptables-save v1.3.0 on Sat Aug 6 20:09:02 2005
*nat
:OUTPUT ACCEPT [83:7653]
:POSTROUTING ACCEPT [10:763]
:PREROUTING ACCEPT [184:21265]
-A POSTROUTING -o ippp0 -j MASQUERADE
COMMIT
# Completed on Sat Aug 6 20:09:02 2005
# Generated by iptables-save v1.3.0 on Sat Aug 6 20:09:02 2005
*filter
:FORWARD ACCEPT [809:181954]
:INPUT ACCEPT [971:122582]
:OUTPUT ACCEPT [1049:83801]
-A FORWARD -i etho -j ACCEPT
COMMIT
# Completed on Sat Aug 6 20:09:02 2005

thanks for listening :-)
 
Old 08-06-2005, 02:18 PM   #5
foo_bar_foo
Senior Member
 
Registered: Jun 2004
Posts: 2,553

Rep: Reputation: 52
lets see you put the address to the Linux machine as default gateway or whatever it is in windows tcp/ip settings

then here is a script that will turn on ip masquerading
adjust if your internet connection is not through ppp0 like mine (slow dialup)
Code:
#!/bin/bash

echo "setting up IPmasquerading......"

IPTABLES='/sbin/iptables'

#All The lines below are NAT routing

# flush any old rules
$IPTABLES -F -t nat

# turn on NAT (IP masquerading for outgoing packets)
$IPTABLES -A POSTROUTING -t nat -o ppp0 -j MASQUERADE

# enable IP forwarding (of incoming packets)
echo 1 > /proc/sys/net/ipv4/ip_forward
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
IPtables - Debian set up fredg Linux - Security 4 05-26-2005 06:04 PM
iptables + --set-markHi... alaios Linux - Networking 1 02-09-2005 04:59 PM
newbie help - IPtables. What are they and DO I need to set them up? kopite Linux - Security 3 11-23-2003 07:25 AM
Iptables: help me set it up, please Adeyinka Linux - Security 2 10-09-2003 10:27 AM
How do I set up IPTables? poshphil Linux - Newbie 2 09-19-2003 06:26 AM


All times are GMT -5. The time now is 04:40 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration