Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I've been experiencing some problems - well, one really. I have my Linux box set up as a masquerading gateway to the Internet. I have a network 192.168.0.0 on eth0. The box's IP is 192.168.0.1 and is statically assigned. The Internet is accessed using a modem, whose IP address is dynamically assigned by the ISP.
I have a basic firewall set up using iptables.
Everything has been set up using MCC and using various HOWTOs. However, the Internet doesn't work. It connects all right, but then doesn't do anything. In the details of kppp, it says that only four packets have been sent and received. This number does not change. I guess those packets are the user name and password authentication to my ISP.
There's probably one setting eluding me, and I can't find it. Any ideas?
Oh, almost forgot. I'm running Mandrake 8.1.
Oh, also almost forgot that the network seems to be running ok - pinging works. Pinging the local IP address (modem) from the Linux box seems ok, and also from another comp on the network. I can only ping the ISP server address from the Linux box (only works some of the time) but I can't from any other comp on the network. I can't ping any other IP address on the Internet from any computer.
If you need any more info, tell me, and I'll provide it.
Hi,
This script masquerades from one ethernet card to another. Is it what you want? If not chabge value of EXTIF (it'sthe interface your packets are sent to).
Whoops, sorry, I forgot to mention I made two changes to that script. I changed EXTIF to ppp0 and INTIF to eth0. Another change was that I changed the location of iptables to /sbin/iptables because that's where it exists.
Hi,
Your machine is not masqerading. That's why I was asking. But now maybe try
iptables -t nat -A POSTROUTING -o ppp0 -j MASQERADE
from console. There might be a problem, because I think firewall is started before interface ppp0. Maybe try also change ppp0 to ppp+. It was good for ipchains (previous version in kernels 2.2.x), but I haven't tried it with 2.4.x.
No luck with that. I did type that in a console before and after logging in to my ISP, and although it accepted it (is MASQERADE meant to be MASQUERADE? I tried it with a U) doing iptables -L still gave the same as before. And the ping thing - I can ping the ISP computer fine and it sends packets and receives packets all right. But pinging anything else, and it doesn't like it. What I'll do is try to ping some other sites on the Internet, in case the IP address of the site I am testing with is no longer in existence. But I doubt that's true...
I have had a similar problem with RH7.2. The the document at the following link http://axion.physics.ubc.ca/ppp-linux.html especally in respect to the section on routes. I found RH had added an extra route entry.
Thank you for the prompt replies - you have all been very helpful. My problem was solved when I deleted the default route - that was what was causing all the problems.
I have just one final niggle. When loading the rc.firewall script, it takes ages checking all the kernel modules. Is there a quicker way to do this, or is this really necessary? I reboot often (unlike most Linux users, I know) so a kind of fast boot is advantageous.
Is it okay to skip checking all the kernel modules in the rc.firewall script? Or, even better, is there a way to do this a lot faster? At the moment, booting up takes an age!
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.