Hi

I have a wireless network that I connect to for the Internet and I have an extra box I would like to have connect through this one.

My wireless card (ath0) connects to the Internet. I have an free hardwire NIC left (eth0), so I have the extra computer connect to my free NIC via a crossover. After setting up DHCP, my extra computer can ping my computer, but cannot connect to the internet. I verified it wasn't DNS problems since I can't ping the IP addresses of several sites.

I read a lot of guides on how to do this, and right now, I just have this script running on bootup:
I read through the iptables man pages and I sort of understand it and have tried a few different scripts.. but I wonder if I am supposed to configure outgoing packets or is this command just screwed up in the first place?

There may not be any default route in your extra computer.
to see the default route in your computer -->route -n
if there is 0.0.0.0 in destination u have the default route and it is someother problem if u dont u have to add it.
route add -net default gw <ip of ur computer> netmask 0.0.0.0 metric 1
that should do it.
usually the above line is automatically configured during install

should be
$IPTABLES -A POSTROUTING -t nat -o ath0 -j MASQUERADE

Check Chapter 9 of Rusty Russell's Packet Filtering Howto.

Other than running DHCP on eth1, this is all I had to do to make a small embedded system into a (totally open!) masquerading router:

iptables -A POSTROUTING -t nat -o eth0 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward

As was said, a default route must be established to eth0. In addition, I found that it was important to include the DNS nameservers in my /etc/resolv.conf file.

I discovered that if I *could* get a connection outside on the router and could not do so from a connected client, the problem was in the iptables setup.

This is kinda odd... I was trying to send something via ftp to this computer (the one I'm trying to make share the connection) and it will connect and let me login, but I get:
ftp: connect: No route to host

So now I think maybe my default route is wrong? It had a real odd configuration.
This is on my other computer... I have no idea where that Gateway IP came from.

Any ideas?

Tell us more about your setup. Looks like you must use a router in there somewhere. How are things configured?

What's a typical route (windows: "route print") on a workstation?

What you posted looks quite defective.

Ok I'll try out a little ASCII diagram here. I use a wifi router to send internet to this computer, and I want a computer to connect to this one's internet via a crossover.

D-Link Router ---Wireless--> Computer A (net active) --- [DHCP] Crossover--> Computer B

Computer B is where that entry came from, and I did omit two other route entries since they looked to be irrelevant, but here's the full output:
Destination--------Gateway-------Genmask-------Flags----Metric---Ref-----Use---Iface
192.168.1.0-----0.0.0.0------255.255.255.0------U--------0-------0-------0-----eth0
169.254.0.0-----0.0.0.0---------255.255.0.0------U--------0-------0-------0-----eth0
0.0.0.0--------192.168.1.254-----0.0.0.0-------UG--------0-------0-------0-----eth0

I'm thinking I need to change 192.168.1.254 to 192.168.1.1 (Computer A's IP on eth0).

Not sure what you mean about a typical route...

Well, this: 0.0.0.0--------192.168.1.254-----0.0.0.0-------UG--------0-------0-------0-----eth0 looks mighty screwey. as if DHCP failed to deliver.

What is your gateway address in Computer A?

You might try: route -a default gw 192.168.1.1 netmask 255.255.255.0

(192.168.1.1 being your router's address).

I'm no expert on these matters. I suggest you post your DHCP setup, information on how your router is configured (DHCP also? ip range?), your wireless access point, and more information about how your IP addressing is configured.

Final quesion: why do this at all? That is, why connect a single machine via a crossover cable to another one and supply a DHCP'd ip address? If it's just a matter of connecting another machine I think you can do it by simply setting the adapter (machine 2) to an unused address within the range of your existing LAN (and connecting via the crossover cable).

yeah, I found out DHCP was screwing with that gateway addr, so I just did away with it and set the IP manually... the gateway stays the same now. Why I did it in the first place? I guess I thought you had to do it when setting up a computer-router, but I mainly wanted to try it out.

My router's address is: 192.168.0.1 and assigns via DHCP, but this computer usually keeps 192.168.0.104 on device ath0 and eth0 is set to 192.168.1.1. This is all on computer A. My gateway addr on computer A is 192.168.0.1.

On computer B, my default gateway is 192.168.1.1 (eth0 on computer A). Device eth0 on computer B is 192.168.1.100.

The range on my router is 192.168.0.100 - 192.168.0.199. Should I set eth0 on both machines to an IP within my router's range?

I'm guessing my wireless access point would indeed be my wireless router... so that'd be 192.168.0.1.

So, problem solved??

Excellent.

Here's a really straightforward explanation that might help in setting up a DHCP server: http://tldp.org/HOWTO/Net-HOWTO/x1444.html

:/

Well I solved a problem I guess... I'm really playing around with the routing tables as I am beginning to understand them, but nothing seems to work =(

Thanks for your help so far though =D

EDIT: on ftp, I still get that:
ftp: connect: No route to host
every time I try to ls/send/get... hm..

Just ignore...

Normall, you'll want to set things up such that eth0 is connected to the WAN side and eth1 to the Client (LAN) side. In the case of computer A, you might want to change the configuration such that eth0 is attached to your wireless access point, and eth1 then connects to computer B.

As such, let me see if I have this right:

D-Link Router
192.168.0.1
DHCP -> 192.168.0.0/24
|
|
WAP (gets address via D-Link Router DHCP)
|
|
[eth0] = 192.168.0.104 (static)
Computer A
: since Computer A is within the subnet, it should have
: a default gateway of 192.168.0.1 genmask = 255.0.0.0 or 0.0.0.0
[eth1] = 192.168.1.1 (static)
|
|
[eth0] = 192.168.1.100 (static)
Computer B
: since Computer B is provided a routed connection via Computer A,
: its default gateway wants to read: 192.168.1.1 genmask 255.0.0.0 or 0.0.0.0

Also, on ALL machines, make sure you have established your resolv.conf file with one (preferably 2) DNS server entries (for your ISP).

Try, on Computer A, pinging out to a www address. You can also try the switch -I [interface] as in:

ping -c 2 www.ascap.com -I eth0

(The -c 2 will ping twice, instead of continuously.)

If this works, try it without the -I switch. If this works, your routing on Computer A is good.

Now try, from Computer B, to ping each interface, starting with 192.168.1.100, then 192.168.1.1, then 192.168.0.104, then the WAP IP address and finally your router. If you get back to the WAP or router, your iptables script is working.

This will test things out sans internet.

Then try pinging a www site from Computer B. If no joy, delete the default route and replace it with:

route add default gw 192.168.1.1 netmask 255.255.255.0

This is the sum total of my knowledge

Heh... I changed the default route to 192.168.1.1 based on the settings of Computer A to Computer B... and I can connect to my router and ping Internet IP's!

Only problem is my DNS doesn't seem to want to work... I have my DNS set up looking to my router (exactly as I see it on this computer) plus any other IP I thought might work, but it doesn't seem to work =P

Any ideas?

Set your Computer B /etc/resolv.conf to read:

search localhost
nameserver xxx.xxx.xxx.xxx
nameserver xxx.xxx.xxx.xxx

where xxx.xxx.xxx.xxx is the primary and then the alternate DNS server ip address that your ISP provides. If you don't know what these are, have a look at computer A's resolv.conf.